Report - www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/

Report Overview

Submitted URL
www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/
IP
207.55.248.94
ASN
#11989 WEBINT
Submitted
2023-01-27 20:03:53
Access
Website Title
Final URL
Tags
dhl logistics phishing
urlquery detections
Phishing - DHL

Detections

urlquery
8
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.33.119.27
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
dispatching-centre.lasamericascargo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	57 kB	135.181.58.223
cdn.livechatinc.com	6288	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	27 kB	23.36.79.17
api.livechatinc.com	5353	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	581 B	268 B	23.36.79.17
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	52 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
www.blackgeeksofdragoncon.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	481 kB	207.55.248.94
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.187.31.159
cdn.lr-in.com	13237	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	1.0 kB	104.21.234.144

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-27	medium	www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/	DHL Airways, Inc.

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-27	medium	www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/	Phishing
2023-01-27	medium	www.blackgeeksofdragoncon.com/js/app.js	Phishing
2023-01-27	medium	www.blackgeeksofdragoncon.com/js/session-recorder.js	Phishing
2023-01-27	medium	www.blackgeeksofdragoncon.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80	Phishing
2023-01-27	medium	www.blackgeeksofdragoncon.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b	Phishing
2023-01-27	medium	www.blackgeeksofdragoncon.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2	Phishing
2023-01-27	medium	www.blackgeeksofdragoncon.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	www.blackgeeksofdragoncon.com/js/app.js	140 B	2023-03-12	2023-03-13
Pretty URL www.blackgeeksofdragoncon.com/js/app.js IP 207.55.248.94 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:08:40 Last Seen2023-03-13 10:14:56 Times Seen1 Hash e167ecafcc7b89e6d57e032127661710 fb71cdd273c59a89b30ce4bf3ce3d0b77153a61e c00abee333cb0c0ce9d6566400670d1830518528f88e4a29f1a8040672d958e1 Loading...

	www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/	2.7 kB	2023-03-07	2024-04-12
Pretty URL www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/ IP 207.55.248.94 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:15 Last Seen2024-04-12 16:43:22 Times Seen112 Hash cf87e7c28123e18bed521a4566059608 4d8f4d0e41a6a8ab9e1f1cbca789753270d49c1e 982c274017704f2be74956c06e33ba2057cffa5c7df265bc43b05f21ab57c779 Loading...

	cdn.livechatinc.com/tracking.js	87 kB	2023-03-13	2023-03-14
Pretty URL cdn.livechatinc.com/tracking.js IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2023-03-14 06:27:26 Times Seen1 Hash 29e075294399875f6fd4bdaa0f4a20e4 4b66dda1ae90f520557c9e3190686a4c4301282c b3fcf409ea4cc82df451395238d14a5c25a8bde7f6d6bf547125ed0b374e2dda Loading...

	api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863281&url=http%3A%2F%2Fwww.blackgeeksofdragoncon.com%2Fwp-content%2Fuploads%2F2022%2F10%2Fstarten%2F&channel_type=code&jsonp=__k1ec0hp1rcq	80 B	2023-03-13	2023-03-13
Pretty URL api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863281&url=http%3A%2F%2Fwww.blackgeeksofdragoncon.com%2Fwp-content%2Fuploads%2F2022%2F10%2Fstarten%2F&channel_type=code&jsonp=__k1ec0hp1rcq IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:48:37 Last Seen2023-03-13 08:48:37 Times Seen1 Hash c1a6263fe57e157b4013f232e507b2cf 5ad41788618b31abc12660b02d337e2042b13ad9 848e45971d2f588d5c4b6e0249ffb8649f5b20fe83d5d84de52f424bb2aad407 Loading...

	cdn.lr-in.com/logger-1.min.js	821 kB	2023-03-13	2023-03-13
Pretty URL cdn.lr-in.com/logger-1.min.js IP 104.21.234.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:44:07 Last Seen2023-03-13 08:53:40 Times Seen1 Hash 74196f8a9da773bf9a5f29cbfe39fd73 a1b49d2f14cb7c6cfa9da324f239c76450c09e03 8e6bbe36a8e18f871fad116489e4a41fbd4a9a5b0c8faa78684c0507a221864a Loading...

	dispatching-centre.lasamericascargo.com/js/card.js	59 kB	2023-03-07	2024-04-06
Pretty URL dispatching-centre.lasamericascargo.com/js/card.js IP 135.181.58.223 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:57 Last Seen2024-04-06 06:20:40 Times Seen12198 Hash 30e93a747ba8285615cfbc3643dc1a62 3a55f9d6ac708f519d351ea0b69083457778ec9d 18c4b9b4c27233b541a47300a4ee98239e1f8dec4bbcd9fabb6bdad12ca82025 Loading...

	www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/	221 B	2023-03-07	2024-05-02
Pretty URL www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/ IP 207.55.248.94 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:15 Last Seen2024-05-02 10:04:20 Times Seen455 Hash a870e9d213023e1900b0c6fb46bdfa1f e82c3b3e3277d2db60522af0fc2eb9a1a3f342fa 5818cb1b843c3187db11715b9a3c015591aa4e106a89559689b8016a784a9bca Loading...

	www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/	437 B	2023-03-07	2024-05-02
Pretty URL www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/ IP 207.55.248.94 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:15 Last Seen2024-05-02 10:04:20 Times Seen457 Hash 81280e6be9081837195e24a7268f9138 35546d7f9c581846d7a215968de50e2aa70d778f 27da46f0dbe279737be8e490e90b3858972852d6a504ef1974c3e588996ab731 Loading...

	www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/	747 B	2023-03-12	2023-04-22
Pretty URL www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/ IP 207.55.248.94 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:10:23 Last Seen2023-04-22 04:55:11 Times Seen7 Hash 8105ca15aaac66e2e91d49a53b51fc41 6dce18cc3ac33f28b3afe2728e1f51bb6eaf8b8c e02888ad271a8ee020ed5f66a5c3641e5078b52c924064e639b7fb16db41f7c6 Loading...

	dispatching-centre.lasamericascargo.com/js/intlTelInput.js	89 kB	2023-03-07	2024-02-22
Pretty URL dispatching-centre.lasamericascargo.com/js/intlTelInput.js IP 135.181.58.223 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:15 Last Seen2024-02-22 12:20:12 Times Seen190 Hash be78a3e1d45f0451d605431c05961c22 13f65075b0ad9774f95406a2529423a631032a31 691ff3918fb72cddc3abf2b84af0d66e0d2875b18b032ef6864923789c7e4077 Loading...

	www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/	165 B	2023-03-07	2024-05-02
Pretty URL www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/ IP 207.55.248.94 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:15 Last Seen2024-05-02 10:04:20 Times Seen464 Hash 430ecc2f3cf84cff47c449d145e6d4b0 9ea2d341b5ebc9668ad944047c439953d5928826 c27ea770946ea916def48e311fae08371c423fdd8486a2b7b7e0ca874613bb41 Loading...

HTTP Transactions (36)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4040
Expires: Fri, 27 Jan 2023 21:11:03 GMT
Date: Fri, 27 Jan 2023 20:03:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18824
Expires: Sat, 28 Jan 2023 01:17:27 GMT
Date: Fri, 27 Jan 2023 20:03:43 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 19:35:23 GMT
content-type: application/json
age: 1700
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2175
Expires: Fri, 27 Jan 2023 20:39:58 GMT
Date: Fri, 27 Jan 2023 20:03:43 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TIXSg4IujvLUZIs4V0nWMRnXEVB6IlhxuoFhpzSP03KJFPzMPTQcuuY0m9KBOh2B10qFnoS/5X021WYFjbaO6A==
x-amz-request-id: NJC9HM52T2CW1FYS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 19:49:32 GMT
age: 851
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 20:03:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 19:41:40 GMT
age: 1323
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17542
Expires: Sat, 28 Jan 2023 00:56:05 GMT
Date: Fri, 27 Jan 2023 20:03:43 GMT
Connection: keep-alive

www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/

207.55.248.94

200 OK

62 kB

URL HTTP/1.1
www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/
IP
207.55.248.94:0
ASN
#11989 WEBINT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (672), with CRLF line terminators
Size
62 kB (62366 bytes)
Hash
bc478ba334d74b3609e55f57f42322db
40da86cbbc2836be18cb11b6892bc255bb0aca6d
15c401dad27c1202f4a5b94d978b2e97818861373fb48478ae39f2e425e2497b

Detections

Analyzer	Verdict	Alert
openphish	DHL Airways, Inc.
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/10/starten/ HTTP/1.1
Host: www.blackgeeksofdragoncon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:59:27 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=ga11hakm2qnmnuqm3nk8j0vkn0; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

push.services.mozilla.com/

54.187.31.159

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.31.159:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K/tUfns48Xf71mrtfOA4pw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R3kC/E+NyXNNkMPW/O0caSpLBhc=

dispatching-centre.lasamericascargo.com/js/card.js

135.181.58.223

200 OK

14 kB

URL HTTP/1.1
dispatching-centre.lasamericascargo.com/js/card.js
IP
135.181.58.223:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (51786)
Size
14 kB (14123 bytes)
Hash
d35da45d04c690d38c2dcc1926e3db65
5050103ac25e395cffd6de16383f017490c11a9f
466873779d48ff831cf944e40ab930d14828e007dc190c500ac12a38cd986cb3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /js/card.js HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:03:36 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 04:36:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14123
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: application/javascript

dispatching-centre.lasamericascargo.com/js/intlTelInput.js

135.181.58.223

200 OK

21 kB

URL HTTP/1.1
dispatching-centre.lasamericascargo.com/js/intlTelInput.js
IP
135.181.58.223:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (9887)
Size
21 kB (20974 bytes)
Hash
d635757cf1d3a21485ec82753d9607f5
fc8820921d3990a3fbe665723e0842dd1938eb7c
3abd2991add00ca8647b8d1013e5e093b2d15d9a16928de5a56fc3c802eebbd8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /js/intlTelInput.js HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:03:36 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 04:36:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20974
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.blackgeeksofdragoncon.com/js/app.js

207.55.248.94

200 OK

140 B

URL HTTP/1.1
www.blackgeeksofdragoncon.com/js/app.js
IP
207.55.248.94:0
ASN
#11989 WEBINT

File type
exported SGML document, ASCII text, with CRLF line terminators
Size
140 B (140 bytes)
Hash
e167ecafcc7b89e6d57e032127661710
fb71cdd273c59a89b30ce4bf3ce3d0b77153a61e
c00abee333cb0c0ce9d6566400670d1830518528f88e4a29f1a8040672d958e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/app.js HTTP/1.1
Host: www.blackgeeksofdragoncon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/
Cookie: PHPSESSID=ga11hakm2qnmnuqm3nk8j0vkn0

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:59:28 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

www.blackgeeksofdragoncon.com/js/session-recorder.js

207.55.248.94

200 OK

140 B

URL HTTP/1.1
www.blackgeeksofdragoncon.com/js/session-recorder.js
IP
207.55.248.94:0
ASN
#11989 WEBINT

File type
exported SGML document, ASCII text, with CRLF line terminators
Size
140 B (140 bytes)
Hash
e167ecafcc7b89e6d57e032127661710
fb71cdd273c59a89b30ce4bf3ce3d0b77153a61e
c00abee333cb0c0ce9d6566400670d1830518528f88e4a29f1a8040672d958e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/session-recorder.js HTTP/1.1
Host: www.blackgeeksofdragoncon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/
Cookie: PHPSESSID=ga11hakm2qnmnuqm3nk8j0vkn0

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:59:28 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/assets/app.css

207.55.248.94

200 OK

415 kB

URL HTTP/1.1
www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/assets/app.css
IP
207.55.248.94:0
ASN
#11989 WEBINT

File type
ASCII text
Size
415 kB (415045 bytes)
Hash
b33e59c592eb453d12f6a53179d8ef19
5d1863f728b58d4456e1b1d824d98fe56810e69e
a0b9419777f544b665051cae80f11bf8ff9f925072a9f062a3d82c383e6cdfde

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/uploads/2022/10/starten/assets/app.css HTTP/1.1
Host: www.blackgeeksofdragoncon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/
Cookie: PHPSESSID=ga11hakm2qnmnuqm3nk8j0vkn0

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:59:28 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Last-Modified: Tue, 12 Apr 2022 07:39:24 GMT
Accept-Ranges: bytes
Content-Length: 415045
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

dispatching-centre.lasamericascargo.com/images/logo.png

135.181.58.223

200 OK

2.0 kB

URL HTTP/1.1
dispatching-centre.lasamericascargo.com/images/logo.png
IP
135.181.58.223:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (1998 bytes)
Hash
5d14ab93691604e826e1319d53599eb9
78724360e9d25da584445b851e37bca05abe6b85
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:03:37 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 04:36:24 GMT
Accept-Ranges: bytes
Content-Length: 1998
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/png

dispatching-centre.lasamericascargo.com/images/all.png

135.181.58.223

200 OK

12 kB

URL HTTP/1.1
dispatching-centre.lasamericascargo.com/images/all.png
IP
135.181.58.223:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 123 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12499 bytes)
Hash
2cb0b7f615faf2deb9ec6f53d3149a3b
694a2c881c83e2ab86365bf1d16302ac5b9d500f
c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /images/all.png HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:03:37 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 04:36:24 GMT
Accept-Ranges: bytes
Content-Length: 12499
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: image/png

dispatching-centre.lasamericascargo.com/images/foo.png

135.181.58.223

200 OK

3.9 kB

URL HTTP/1.1
dispatching-centre.lasamericascargo.com/images/foo.png
IP
135.181.58.223:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 187 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3878 bytes)
Hash
11ff7152775863d8bf58eb585a3cfa46
25127f0e304d9145ef8a824a8be504664a799b7f
5c4b801e60c49235941cfc562ed465a951c937c668db31e3c1ba152513c672d3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /images/foo.png HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:03:37 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 04:36:32 GMT
Accept-Ranges: bytes
Content-Length: 3878
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: image/png

cdn.livechatinc.com/tracking.js

23.36.79.17

200 OK

26 kB

URL HTTP/2
cdn.livechatinc.com/tracking.js
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
26 kB (26103 bytes)
Hash
ad168b14a5b7efd5137559bade93ad14
7ba3e2c551fdf2879a757fbfcf5f42590269d010
3a4a1053c09137d9d25d118699d7389e019da7a9597b95a7504311b87111909c

HTTP Headers

GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 08:47:12 GMT
x-amz-version-id: iNzmqDcn1iRKaLiTk37THrDgz9osPO8C
server: AmazonS3
content-encoding: br
etag: W/"29e075294399875f6fd4bdaa0f4a20e4"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: qzl-0Ag5XGkDv_kWLbnI4JJvQy7icD_Dvire8pnIpy79iQNET2NH5w==
content-length: 26103
cache-control: max-age=28800
expires: Sat, 28 Jan 2023 04:03:45 GMT
date: Fri, 27 Jan 2023 20:03:45 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.blackgeeksofdragoncon.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80

207.55.248.94

200 OK

140 B

URL HTTP/1.1
www.blackgeeksofdragoncon.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
IP
207.55.248.94:0
ASN
#11989 WEBINT

File type
exported SGML document, ASCII text, with CRLF line terminators
Size
140 B (140 bytes)
Hash
e167ecafcc7b89e6d57e032127661710
fb71cdd273c59a89b30ce4bf3ce3d0b77153a61e
c00abee333cb0c0ce9d6566400670d1830518528f88e4a29f1a8040672d958e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: www.blackgeeksofdragoncon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/assets/app.css
Cookie: PHPSESSID=ga11hakm2qnmnuqm3nk8j0vkn0

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:59:29 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

www.blackgeeksofdragoncon.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b

207.55.248.94

200 OK

140 B

URL HTTP/1.1
www.blackgeeksofdragoncon.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
IP
207.55.248.94:0
ASN
#11989 WEBINT

File type
exported SGML document, ASCII text, with CRLF line terminators
Size
140 B (140 bytes)
Hash
e167ecafcc7b89e6d57e032127661710
fb71cdd273c59a89b30ce4bf3ce3d0b77153a61e
c00abee333cb0c0ce9d6566400670d1830518528f88e4a29f1a8040672d958e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: www.blackgeeksofdragoncon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/assets/app.css
Cookie: PHPSESSID=ga11hakm2qnmnuqm3nk8j0vkn0

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:59:29 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

www.blackgeeksofdragoncon.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2

207.55.248.94

200 OK

140 B

URL HTTP/1.1
www.blackgeeksofdragoncon.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
IP
207.55.248.94:0
ASN
#11989 WEBINT

File type
exported SGML document, ASCII text, with CRLF line terminators
Size
140 B (140 bytes)
Hash
e167ecafcc7b89e6d57e032127661710
fb71cdd273c59a89b30ce4bf3ce3d0b77153a61e
c00abee333cb0c0ce9d6566400670d1830518528f88e4a29f1a8040672d958e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1
Host: www.blackgeeksofdragoncon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/assets/app.css
Cookie: PHPSESSID=ga11hakm2qnmnuqm3nk8j0vkn0

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:59:29 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7348
Expires: Fri, 27 Jan 2023 22:06:13 GMT
Date: Fri, 27 Jan 2023 20:03:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7348
Expires: Fri, 27 Jan 2023 22:06:13 GMT
Date: Fri, 27 Jan 2023 20:03:45 GMT
Connection: keep-alive

api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863281&url=http%3A%2F%2Fwww.blackgeeksofdragoncon.com%2Fwp-content%2Fuploads%2F2022%2F10%2Fstarten%2F&channel_type=code&jsonp=__k1ec0hp1rcq

23.36.79.17

200 OK

80 B

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14863281&url=http%3A%2F%2Fwww.blackgeeksofdragoncon.com%2Fwp-content%2Fuploads%2F2022%2F10%2Fstarten%2F&channel_type=code&jsonp=__k1ec0hp1rcq
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
80 B (80 bytes)
Hash
c1a6263fe57e157b4013f232e507b2cf
5ad41788618b31abc12660b02d337e2042b13ad9
848e45971d2f588d5c4b6e0249ffb8649f5b20fe83d5d84de52f424bb2aad407

HTTP Headers

GET /v3.3/customer/action/get_dynamic_configuration?license_id=14863281&url=http%3A%2F%2Fwww.blackgeeksofdragoncon.com%2Fwp-content%2Fuploads%2F2022%2F10%2Fstarten%2F&channel_type=code&jsonp=__k1ec0hp1rcq HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 80
date: Fri, 27 Jan 2023 20:03:45 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7348
Expires: Fri, 27 Jan 2023 22:06:13 GMT
Date: Fri, 27 Jan 2023 20:03:45 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5669 bytes)
Hash
869cdfba2637cc932ce387317a3c485e
51d87a5223d87c959bf27b2a825dce0a28f52ada
6dc4247dd3110836195f9962463bd8265be89633e9e589bf19955991751c26fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5669
x-amzn-requestid: 17f6235c-d495-4813-9453-407331e0dcad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1ZSH4fIAMFxeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c3b-67ff5c7f416727670e7c3b21;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KGNpzuI2ny_1LH90atWa09SPYG7Ovolbv_KvL8nC6fUk59z-6TFsMQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 03:05:08 GMT
age: 61117
etag: "51d87a5223d87c959bf27b2a825dce0a28f52ada"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7365 bytes)
Hash
41fd0074a6ce752b1271302feade4cee
6311d1365504f06cb7516606c56c502d553c9d16
544c508899fe8855b0975a87cb0bf35663ab4ad0ec8fd057b3962d50cc001b8c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7365
x-amzn-requestid: c2a8ae3d-47f8-415f-bf08-78dd12ede3d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwEUbIAMFnag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-38f72fec78120cf113c7a4f7;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w2YQTruAWzbdhCWhHu5V1Wj0DlkD6-BsEwgjtR9RJqqmStbW8mPS9w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:07 GMT
age: 80078
etag: "6311d1365504f06cb7516606c56c502d553c9d16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11568 bytes)
Hash
b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 18:36:01 GMT
age: 5264
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5943 bytes)
Hash
ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 80037
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9595 bytes)
Hash
f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 80037
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5737 bytes)
Hash
5e7158416f60576804ccff03307319fe
a342f94625e913fa6b8d862a59979f1e3ad80dd1
5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: cc977ea9-c418-4a5a-a13b-c86e16bbe6ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRGPFGL5oAMFiSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d050c6-2d540cac5ca7d4e64cfdb8bc;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 21:42:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uZnA5gkRlZyqamh_n3992G9PlMJa4gJ-mjSOQEysII73dDKLXmeXsg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 16:31:38 GMT
age: 12727
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.blackgeeksofdragoncon.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c

207.55.248.94

200 OK

140 B

URL HTTP/1.1
www.blackgeeksofdragoncon.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
IP
207.55.248.94:0
ASN
#11989 WEBINT

File type
exported SGML document, ASCII text, with CRLF line terminators
Size
140 B (140 bytes)
Hash
e167ecafcc7b89e6d57e032127661710
fb71cdd273c59a89b30ce4bf3ce3d0b77153a61e
c00abee333cb0c0ce9d6566400670d1830518528f88e4a29f1a8040672d958e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1
Host: www.blackgeeksofdragoncon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/assets/app.css
Cookie: PHPSESSID=ga11hakm2qnmnuqm3nk8j0vkn0

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:59:29 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

dispatching-centre.lasamericascargo.com/images/favicon.gif

135.181.58.223

200 OK

2.2 kB

URL HTTP/1.1
dispatching-centre.lasamericascargo.com/images/favicon.gif
IP
135.181.58.223:0
ASN
#24940 Hetzner Online GmbH

File type
MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Size
2.2 kB (2238 bytes)
Hash
a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /images/favicon.gif HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:03:37 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 04:36:32 GMT
Accept-Ranges: bytes
Content-Length: 2238
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Content-Type: image/gif

www.blackgeeksofdragoncon.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f

207.55.248.94

200 OK

140 B

URL HTTP/1.1
www.blackgeeksofdragoncon.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
IP
207.55.248.94:0
ASN
#11989 WEBINT

File type
exported SGML document, ASCII text, with CRLF line terminators
Size
140 B (140 bytes)
Hash
e167ecafcc7b89e6d57e032127661710
fb71cdd273c59a89b30ce4bf3ce3d0b77153a61e
c00abee333cb0c0ce9d6566400670d1830518528f88e4a29f1a8040672d958e1

HTTP Headers

GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1
Host: www.blackgeeksofdragoncon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/wp-content/uploads/2022/10/starten/assets/app.css
Cookie: PHPSESSID=ga11hakm2qnmnuqm3nk8j0vkn0

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:59:29 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cdn.lr-in.com/logger-1.min.js

104.21.234.144

200 OK

0 B

URL HTTP/2
cdn.lr-in.com/logger-1.min.js
IP
104.21.234.144:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.blackgeeksofdragoncon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 27 Jan 2023 20:03:44 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"8d6659bc622d260a8c721467bbaa0ca41dfd9ad4e9a08044501865cfff0eceaf"
last-modified: Fri, 27 Jan 2023 18:33:07 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-ams21057-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1674844417.149018,VS0,VE44
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 271
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLD3nRCJ4QdUUuaMhPmxlqMD0MUbwN3DpIYWdmDGEgnzVSmAjDlp1jXyFNe%2Bav64XDjLSsC0c%2FJePL%2B9dIrI6KmlTpImrwY6hGJUhvrV1LFJ79tMFwnW%2F15HSKO3JvFe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790417e8bf9c7738-LHR
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML