Report - ship.dhlecommerce.co.uk/

Report Overview

Visited public
2024-09-06 14:20:48
Tags
salesforce phishing
Submit Tags
URL
ship.dhlecommerce.co.uk/
Finishing URL
loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment
IP / ASN
13.107.246.53
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
Sign in
Phishing - Salesforce

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dhlprduksstglrscldapi001.blob.core.windows.net	unknown	1995-08-10	2023-05-02 12:09:29	2023-12-13 15:50:13	1.9 kB	140 kB	20.209.88.161
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-05 18:12:32	981 B	2.7 kB	23.36.76.226
ship.dhlecommerce.co.uk	unknown	unknown	No data	No data	3.6 kB	1.3 MB	13.107.246.53
cdn.cookielaw.org	502	2011-06-20	2013-12-28 14:20:36	2024-09-05 19:04:33	5.0 kB	168 kB	104.18.86.42
loginb2cdhlparceluk.b2clogin.com	unknown	2017-07-17	2022-12-01 07:44:35	2023-12-13 15:50:11	5.1 kB	162 kB	20.190.177.85
privacyportal-de.onetrust.com	8687	2004-01-12	2018-05-25 11:58:46	2024-09-05 18:14:15	499 B	425 B	104.18.32.137
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2024-09-05 18:28:37	474 B	26 kB	151.101.1.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment	ScriptElement	5.1 kB	2024-09-19	2024-09-19
Pretty URL loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment IP 20.190.177.20 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-19 22:14 Last Seen2024-09-19 22:14 Times Seen1 Hash 909acf19b21185a9821adb8691d29d71 b6729cbcdfadedfc77c68b08e6b83afa0d1bc6ff 53c67267b04de780b061fd922892f4d23a1170225a85308eef4eecb60ac43e13 Loading...

	loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment	ScriptElement	198 B	2024-02-04	2024-09-19
Pretty URL loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment IP 20.190.177.20 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-04 10:22 Last Seen2024-09-19 22:14 Times Seen3 Hash dd8d9b73b6d8064d36d189690ad58177 f00a8b256f457d1efcef0b75772812254c0dddfb dbc42b730b4d909ab4b9e38f7c3377a60bc732a087d07a52069e0ac6b340141c Loading...

	loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment	ScriptElement	274 kB	2023-03-10	2025-07-10
Pretty URL loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment IP 20.190.177.20 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:55 Last Seen2025-07-10 19:08 Times Seen54 Hash 3211b732d865ab5af1119120ff467909 c278f3e0fb6be0d4da216a7fb48959786fa31f90 6b4b88d2b9b9ec53e0591dd8d9b90b7d94b4f896cd1e967d0a64a007d7a94beb Loading...

	loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment	ScriptElement	146 kB	2023-03-26	2025-07-02
Pretty URL loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment IP 20.190.177.20 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 01:36 Last Seen2025-07-02 01:47 Times Seen18 Hash fcd5319b7b92b04906fe070b78a8a331 9f3e5b3b0cec3d76b19d17163475246798d01297 f8cb1bab21850fd3ce6f38b5033fa237dd974c15802fac28adabedee16144f5a Loading...

	loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment	ScriptElement	157 B	2023-03-10	2025-07-12
Pretty URL loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment IP 20.190.177.20 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:38 Last Seen2025-07-12 16:52 Times Seen305 Hash 962b28e9f8133cc633b34f157319a734 b1e076e2501f602eacd091354c44dfd9df7eaa33 323f8b86e5da480dd2f2ea9b757ce8d6fbe9601b80a8ea2f191c43aca3495919 Loading...

HTTP Transactions (30)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
60ab18bb1e8dadb29ada046753dbc185
3d30d0b2ba9061fbd90500510f6f514476a1413f
50ed93ddadd4c6c89fbf4bfa5bc29814434ab19ed98c11f4b558b68b570d49f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "50ED93DDADD4C6C89FBF4BFA5BC29814434AB19ED98C11F4B558B68B570D49F2"
Last-Modified: Thu, 05 Sep 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16696
Expires: Fri, 06 Sep 2024 18:58:37 GMT
Date: Fri, 06 Sep 2024 14:20:21 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
82ed4f353a1fcebb658989118dd4c1fd
38d42f944ef791a35cc533c5ae1de179914fd2fb
bad9cc283cd0ba6e1667ea32a79c9f5249de21d9facf6d394b8e239763fbbd64

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BAD9CC283CD0BA6E1667EA32A79C9F5249DE21D9FACF6D394B8E239763FBBD64"
Last-Modified: Thu, 05 Sep 2024 02:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7823
Expires: Fri, 06 Sep 2024 16:30:44 GMT
Date: Fri, 06 Sep 2024 14:20:21 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
671f1028acb179b5ebb80735bb2ebb67
c538067f2b5654ceaac8fa6139ce69a5593bfe7d
6b3a32b0876d605a30290830bd74e993b27d75769d77a52f927a04418461bf22

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "6B3A32B0876D605A30290830BD74E993B27D75769D77A52F927A04418461BF22"
Last-Modified: Thu, 05 Sep 2024 02:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8244
Expires: Fri, 06 Sep 2024 16:37:46 GMT
Date: Fri, 06 Sep 2024 14:20:22 GMT
Connection: keep-alive

ship.dhlecommerce.co.uk/

13.107.246.53

1.8 kB

URL
ship.dhlecommerce.co.uk/
IP
13.107.246.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, ASCII text, with very long lines (3705), with no line terminators
Size
1.8 kB (1773 bytes)
Hash
947d267b336793c4d8ac658732a5acb4
eb99f33aa698ed2687a855db0845b87481935bb4
180448abac19116ec21ec3b6645862ea6d997843a49a808cfbf336e23084c0e7

HTTP Headers

GET / HTTP/1.1
Host: ship.dhlecommerce.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:22 GMT
content-type: text/html
content-length: 1773
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-encoding: gzip
etag: "05143c7b0fdda1:0"
last-modified: Tue, 03 Sep 2024 03:24:26 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
x-azure-ref: 20240906T142022Z-17cdfd6bb6bkhtc7gvbqyk2ppg0000000awg00000000471k
strict-transport-security: max-age=31536000;
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
pragma: no-cache
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2

ship.dhlecommerce.co.uk/static/css/3.9a6b253a.chunk.css

13.107.246.53

9.0 kB

URL
ship.dhlecommerce.co.uk/static/css/3.9a6b253a.chunk.css
IP
13.107.246.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (34137)
Size
9.0 kB (9024 bytes)
Hash
ec5659b759cb5de1c0f75b2671f8db47
35ea903f587c3b63625cb1d981b459d07f8b6993
0bd6eb7ffc46ef358bb4799179db3d01015cb0288ac7127f8256c34a3e0ee6f3

HTTP Headers

GET /static/css/3.9a6b253a.chunk.css HTTP/1.1
Host: ship.dhlecommerce.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:22 GMT
content-type: text/css
content-length: 9024
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-encoding: gzip
etag: "05143c7b0fdda1:0"
last-modified: Tue, 03 Sep 2024 03:24:26 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
x-azure-ref: 20240906T142022Z-17cdfd6bb6bkhtc7gvbqyk2ppg0000000awg000000004721
strict-transport-security: max-age=31536000;
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
pragma: no-cache
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2

ship.dhlecommerce.co.uk/scripts/zip.js

13.107.246.53

8.2 kB

URL
ship.dhlecommerce.co.uk/scripts/zip.js
IP
13.107.246.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
8.2 kB (8231 bytes)
Hash
e02e86307fc6c3aa83229774b8bdfa4c
4a87e9ac938a57fe2772ce1a721f17f165ed1ef1
cd9f36dbf19c3867dc39154f109b7130a6f63c3890747378472f63d3d8e59d7e

HTTP Headers

GET /scripts/zip.js HTTP/1.1
Host: ship.dhlecommerce.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:22 GMT
content-type: application/x-javascript
content-length: 8231
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-encoding: gzip
etag: "05143c7b0fdda1:0"
last-modified: Tue, 03 Sep 2024 03:24:26 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
x-azure-ref: 20240906T142022Z-17cdfd6bb6bkhtc7gvbqyk2ppg0000000awg000000004723
strict-transport-security: max-age=31536000;
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
pragma: no-cache
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/otSDKStub.js

104.18.86.42

6.9 kB

URL
cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
104.18.86.42:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (21229)
Size
6.9 kB (6882 bytes)
Hash
692a3714ece78cee4017020f5b18a203
56333f0f458776357a95ba474307c271dec92280
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:22 GMT
content-type: application/javascript
content-length: 6882
content-encoding: gzip
content-md5: p+39a+/XEcZfNKybQjgXjA==
last-modified: Thu, 05 Sep 2024 06:33:12 GMT
etag: 0x8DCCD749DA8FD23
x-ms-request-id: 771b698c-901e-00ec-41c4-ff9bf3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 29284
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8bef19712d8b56b5-OSL
X-Firefox-Spdy: h2

ship.dhlecommerce.co.uk/scripts/zip-ext.js

13.107.246.53

2.3 kB

URL
ship.dhlecommerce.co.uk/scripts/zip-ext.js
IP
13.107.246.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
2.3 kB (2329 bytes)
Hash
f7357a70f25518da14da3bd2e8714c1e
f6398eaa252a991c9e665dfe3e1579416882d8ab
236d477f404a426680543786b8eb48a8ac4bc76f43e8b3401e7505c661ff12d1

HTTP Headers

GET /scripts/zip-ext.js HTTP/1.1
Host: ship.dhlecommerce.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:22 GMT
content-type: application/x-javascript
content-length: 2329
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-encoding: gzip
etag: "05143c7b0fdda1:0"
last-modified: Tue, 03 Sep 2024 03:24:26 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
x-azure-ref: 20240906T142022Z-17cdfd6bb6bkhtc7gvbqyk2ppg0000000awg000000004724
strict-transport-security: max-age=31536000;
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
pragma: no-cache
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2

ship.dhlecommerce.co.uk/static/css/main.43767f53.chunk.css

13.107.246.53

21 kB

URL
ship.dhlecommerce.co.uk/static/css/main.43767f53.chunk.css
IP
13.107.246.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
21 kB (21400 bytes)
Hash
c76f47af6dd91b7f281f5157502ac92b
da6888ac91e0e4f582a30a4d8553ba0ac0639581
334531bd45539ec0cc95929c9956124817ed601d461bfadd9688241e1db40fc8

HTTP Headers

GET /static/css/main.43767f53.chunk.css HTTP/1.1
Host: ship.dhlecommerce.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:22 GMT
content-type: text/css
content-length: 21400
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-encoding: gzip
etag: "05143c7b0fdda1:0"
last-modified: Tue, 03 Sep 2024 03:24:26 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
x-azure-ref: 20240906T142022Z-17cdfd6bb6bkhtc7gvbqyk2ppg0000000awg000000004722
strict-transport-security: max-age=31536000;
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
pragma: no-cache
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2

ship.dhlecommerce.co.uk/scripts/deflate.js

13.107.246.53

20 kB

URL
ship.dhlecommerce.co.uk/scripts/deflate.js
IP
13.107.246.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
20 kB (19728 bytes)
Hash
e97a3a57d73d589c4083b5d01516c28d
c1ceba2114ee56e00db93876ad23976052fd5d2d
73d86700cca839cfbe379f5b8f97350db1f52653b372da82bd2c729a016d1246

HTTP Headers

GET /scripts/deflate.js HTTP/1.1
Host: ship.dhlecommerce.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:22 GMT
content-type: application/x-javascript
content-length: 19728
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-encoding: gzip
etag: "05143c7b0fdda1:0"
last-modified: Tue, 03 Sep 2024 03:24:26 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
x-azure-ref: 20240906T142022Z-17cdfd6bb6bkhtc7gvbqyk2ppg0000000awg000000004725
strict-transport-security: max-age=31536000;
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
pragma: no-cache
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2

ship.dhlecommerce.co.uk/static/js/main.3da4c0fa.chunk.js

13.107.246.53

259 kB

URL
ship.dhlecommerce.co.uk/static/js/main.3da4c0fa.chunk.js
IP
13.107.246.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
259 kB (259360 bytes)
Hash
65eb5f7777653f4164fd1c7478a09fd3
3f4ba254d5bc84e7fe5d2c6cc3c1313d58412de6
170bb4648520992cd832c67b48f4fec81cbcea6169ce586ca3e6339e2453c445

HTTP Headers

GET /static/js/main.3da4c0fa.chunk.js HTTP/1.1
Host: ship.dhlecommerce.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:22 GMT
content-type: application/x-javascript
content-length: 259360
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-encoding: gzip
etag: "05143c7b0fdda1:0"
last-modified: Tue, 03 Sep 2024 03:24:26 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
x-azure-ref: 20240906T142022Z-17cdfd6bb6bkhtc7gvbqyk2ppg0000000awg000000004727
strict-transport-security: max-age=31536000;
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
pragma: no-cache
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2

ship.dhlecommerce.co.uk/static/js/3.33beb584.chunk.js

13.107.246.53

1.0 MB

URL
ship.dhlecommerce.co.uk/static/js/3.33beb584.chunk.js
IP
13.107.246.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JavaScript source, ASCII text, with very long lines (65462)
Size
1.0 MB (1004584 bytes)
Hash
40f97dbd3217d0440f5819d358472ba8
dace7b323993a0cf24b48ba6a443cd0dbaba809d
cac2afe6db094e23d586d8f5f171c7c59f833d2f595ce26acf0eb8f23fc446cc

HTTP Headers

GET /static/js/3.33beb584.chunk.js HTTP/1.1
Host: ship.dhlecommerce.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:22 GMT
content-type: application/x-javascript
content-length: 1004584
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-encoding: gzip
etag: "05143c7b0fdda1:0"
last-modified: Tue, 03 Sep 2024 03:24:26 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
x-azure-ref: 20240906T142022Z-17cdfd6bb6bkhtc7gvbqyk2ppg0000000awg000000004726
strict-transport-security: max-age=31536000;
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
pragma: no-cache
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/6a5972c5-e8df-4fe6-aa47-2f764a4067e3/6a5972c5-e8df-4fe6-aa47-2f764a4067e3.json

104.18.86.42

1.5 kB

URL
cdn.cookielaw.org/consent/6a5972c5-e8df-4fe6-aa47-2f764a4067e3/6a5972c5-e8df-4fe6-aa47-2f764a4067e3.json
IP
104.18.86.42:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
1.5 kB (1545 bytes)
Hash
aacbbd03e8d51579abef17fb72f50513
8f42ccc4d690ee154992d9b2ed21d05dd25420e6
9d50dda6717fbaacf0ff3b58998ad3b21ca8d53031588e7ab14f16218c60c87c

HTTP Headers

GET /consent/6a5972c5-e8df-4fe6-aa47-2f764a4067e3/6a5972c5-e8df-4fe6-aa47-2f764a4067e3.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
Origin: https://ship.dhlecommerce.co.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:23 GMT
content-type: application/x-javascript
content-length: 1545
cf-ray: 8bef1974a8c90b59-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC009C33F08F8B
expires: Sat, 07 Sep 2024 14:20:23 GMT
last-modified: Tue, 19 Dec 2023 14:10:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: 77dofHV+q3m98zrKThu95Q==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ddf48fbb-901e-004f-01aa-9448d7000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js

104.18.86.42

106 kB

URL
cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
IP
104.18.86.42:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
106 kB (106367 bytes)
Hash
f86de9d1fedddcd936c33e2a5af2cced
9d8b9089c14c57c8c2e20c7f73234d4e6e93f08f
df54c069da584ec929d42161c8fd19e74c7f408d70e6e7e0f8d27cc9c02a0ad9

HTTP Headers

GET /scripttemplates/202312.1.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:23 GMT
content-type: application/javascript
content-length: 106367
content-encoding: gzip
content-md5: omr+ywUvfLiKRTWN9kGq4A==
last-modified: Tue, 16 Jul 2024 20:28:15 GMT
etag: 0x8DCA5D5D2845E0F
x-ms-request-id: bd012e42-d01e-002c-4ac0-d711b7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 29281
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8bef197519c656b5-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/6a5972c5-e8df-4fe6-aa47-2f764a4067e3/fda8ba45-9d8d-4754-8eaf-cdf958f24eef/en.json

104.18.86.42

12 kB

URL
cdn.cookielaw.org/consent/6a5972c5-e8df-4fe6-aa47-2f764a4067e3/fda8ba45-9d8d-4754-8eaf-cdf958f24eef/en.json
IP
104.18.86.42:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
12 kB (12060 bytes)
Hash
c54fcc9db0b04dce6bb99726c4b54b8e
a240d1981fe97174ba3102da251c2a842556929c
e2c6cc54d302bdf362456a83da70ce98edf4cd54783256d0686be7997f6cfad3

HTTP Headers

GET /consent/6a5972c5-e8df-4fe6-aa47-2f764a4067e3/fda8ba45-9d8d-4754-8eaf-cdf958f24eef/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
Origin: https://ship.dhlecommerce.co.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:24 GMT
content-type: application/x-javascript
content-length: 12060
cf-ray: 8bef197b5faa0b59-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC009C35C61D12
expires: Sat, 07 Sep 2024 14:20:24 GMT
last-modified: Tue, 19 Dec 2023 14:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: o/P3Uo8WX9bQDtHq4/QuRw==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: e9e919da-601e-0053-0805-f48f85000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/otPcCenter.json

104.18.86.42

13 kB

URL
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/otPcCenter.json
IP
104.18.86.42:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
13 kB (12700 bytes)
Hash
e37e6190b35051cd6a74b406fdc084a2
0f963ba1933d85859b8be164fa1949d4ff5d50af
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b

HTTP Headers

GET /scripttemplates/202312.1.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
Origin: https://ship.dhlecommerce.co.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:24 GMT
content-type: application/json
content-length: 12700
content-encoding: gzip
content-md5: KChx+n8xgg81I5yxMVql3g==
last-modified: Tue, 16 Jul 2024 20:28:09 GMT
etag: 0x8DCA5D5CECDCCB6
x-ms-request-id: 2a5c3c51-901e-006f-4753-d83b5e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8bef197c68890b59-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCookieSettingsButton.json

104.18.86.42

1.8 kB

URL
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCookieSettingsButton.json
IP
104.18.86.42:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
1.8 kB (1766 bytes)
Hash
908d490565e56f1d7768378581c08ef3
e9d8cf70776c9e08e27aec76ea9ca138bf8a55a2
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397

HTTP Headers

GET /scripttemplates/202312.1.0/assets/otCookieSettingsButton.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
Origin: https://ship.dhlecommerce.co.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:24 GMT
content-type: application/json
content-length: 1766
content-encoding: gzip
content-md5: QkB0+liyrI9neDq8p8to0g==
last-modified: Tue, 16 Jul 2024 20:28:09 GMT
etag: 0x8DCA5D5CE894897
x-ms-request-id: 04342bdc-301e-00ea-5c53-d86c8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8bef197c688b0b59-OSL
X-Firefox-Spdy: h2

loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/openid-configuration

20.190.177.85

2.2 kB

URL
loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/openid-configuration
IP
20.190.177.85:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON text data
Size
2.2 kB (2151 bytes)
Hash
2156404b9c75c7ed1dc94f715ca3dcde
567313001625f2e539a028f536be4630968754be
e030ff797050340b64c1a1fc805bb9e8ae35bacfa702cfd4f94072ff8fceef18

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Salesforce

HTTP Headers

GET /loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/openid-configuration HTTP/1.1
Host: loginb2cdhlparceluk.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
Origin: https://ship.dhlecommerce.co.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
Content-Type: application/json; charset=utf-8
Set-Cookie: x-ms-cpim-trans=; domain=loginb2cdhlparceluk.b2clogin.com; expires=Sat, 06-Sep-2014 14:20:24 GMT; path=/; SameSite=None; secure; HttpOnly
x-ms-gateway-requestid: ffda2915-3a50-402f-9571-0978adf67ec8
Access-Control-Allow-Origin: https://ship.dhlecommerce.co.uk
Access-Control-Allow-Methods: GET, OPTIONS
X-Frame-Options: SAMEORIGIN
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Fri, 06 Sep 2024 14:20:24 GMT
Content-Length: 2151

cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCenterRounded.json

104.18.86.42

2.6 kB

URL
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCenterRounded.json
IP
104.18.86.42:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
2.6 kB (2626 bytes)
Hash
17e5cf7e2fcaed7692184f43c4577219
f47f0887e191e30a49391514ceddabfc26cc9bd7
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

HTTP Headers

GET /scripttemplates/202312.1.0/assets/otCenterRounded.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
Origin: https://ship.dhlecommerce.co.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:24 GMT
content-type: application/json
content-length: 2626
content-encoding: gzip
content-md5: LGA9RbysmTnHm69WIhZ6SQ==
last-modified: Tue, 16 Jul 2024 20:28:08 GMT
etag: 0x8DCA5D5CDF5EB98
x-ms-request-id: b18e48c5-b01e-003c-6c0f-d82751000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8bef197c68880b59-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/logos/9375bad7-f65e-4f8a-bc16-8254723bd66a/2e6e325f-a388-4956-893d-e0528c986bde/7a74d078-3552-4eef-a821-4bee9b2cc13f/DHL_Logo.PNG

104.18.86.42

1.8 kB

URL
cdn.cookielaw.org/logos/9375bad7-f65e-4f8a-bc16-8254723bd66a/2e6e325f-a388-4956-893d-e0528c986bde/7a74d078-3552-4eef-a821-4bee9b2cc13f/DHL_Logo.PNG
IP
104.18.86.42:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 197 x 53, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1756 bytes)
Hash
c11081bd2b7d36eafeb9e5c5d396d356
38b54ccb126e0b1f98b837bf0d086b44d8935b1b
904b70e4997d2154d462c8514522e03846ba539466c01c3b310a824ea4418caa

HTTP Headers

GET /logos/9375bad7-f65e-4f8a-bc16-8254723bd66a/2e6e325f-a388-4956-893d-e0528c986bde/7a74d078-3552-4eef-a821-4bee9b2cc13f/DHL_Logo.PNG HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:24 GMT
content-type: image/png
content-length: 1756
content-md5: wRCBvSt9Nur+ueXF05bTVg==
last-modified: Mon, 06 Sep 2021 11:41:31 GMT
etag: 0x8D9712B456D9768
x-ms-request-id: e3cb1a22-f01e-0082-2672-79783d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 9454
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8bef197dc98c56b5-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCommonStyles.css

104.18.86.42

11 kB

URL
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCommonStyles.css
IP
104.18.86.42:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
11 kB (11046 bytes)
Hash
200b8d87b49f277832333467f1437e85
a3a7a9c4224a26a20d85bbee1ea4c722293ff8b2
3f3523463793f741435ee5e80a821d55e121f038099af31bc17796d20f102750

HTTP Headers

GET /scripttemplates/202312.1.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
Origin: https://ship.dhlecommerce.co.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:24 GMT
content-type: text/css
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
last-modified: Tue, 16 Jul 2024 20:28:20 GMT
x-ms-request-id: 6556eba5-a01e-004e-17c9-e9566f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8bef197c78920b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

privacyportal-de.onetrust.com/request/v1/consentreceipts

104.18.32.137

0 B

URL
privacyportal-de.onetrust.com/request/v1/consentreceipts
IP
104.18.32.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /request/v1/consentreceipts HTTP/1.1
Host: privacyportal-de.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
Content-Type: text/plain;charset=UTF-8
Content-Length: 11668
Origin: https://ship.dhlecommerce.co.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 201 Created
date: Fri, 06 Sep 2024 14:20:24 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8bef197e2b39712b-OSL
X-Firefox-Spdy: h2

GET loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment

20.190.177.20

200 OK

156 kB

URL User Request GET HTTP/1.1
loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment
IP
20.190.177.20:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerDigiCert Inc
Subjectgraph.windows.net
FingerprintE4:75:6A:85:FE:F6:8E:25:DE:B3:7B:05:13:09:96:75:D8:81:67:A0
ValidityWed, 08 May 2024 00:00:00 GMT - Thu, 08 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1210), with CRLF line terminators
Size
156 kB (156378 bytes)
Hash
49a0ce435fa774b077d5094b27c87991
e85e584166594cccaa60e4e70756049d33d94869
67e53d80a502613129266a680754a7e7a9b76249680e6bbe1c6e4914786537fb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Salesforce

HTTP Headers

GET /loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment HTTP/1.1
Host: loginb2cdhlparceluk.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
x-ms-gateway-requestid: bcca36da-f0f8-4346-a7c5-7f197bf64ea9
X-UA-Compatible: IE=edge
X-Request-ID: 8f599305-2e1a-425e-b878-d9412e2058c3
X-Build: 1.1.244.0
Content-Security-Policy-Report-Only: script-src 'strict-dynamic' 'self' 'nonce-WU2NWQ/ANuvqqef/2aBelA==' 'report-sample'; report-uri /loginb2cdhlparceluk.onmicrosoft.com/B2C_1A_signup_signin/client/cspreport?p=B2C_1A_signup_signin
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: x-ms-cpim-csrf=QmRYd0FLR2d0YnpkRDcyTGg4emZGTVlneUowNEljM3cvMkVLRTBjRDBzcmJmMWRDeWZhSDMySTQwcW9hc09kSTV0YnBxV2tiSG5qQ0pNOEIvalJOTmc9PTsyMDI0LTA5LTA2VDE0OjIwOjI0Ljc0ODI5NTZaO2htSUVHSkdKVzJxR2JiSkEybzhOaEE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; domain=loginb2cdhlparceluk.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-cache|bznzjxouxkk4enlblibyww_0=m1.LPWTLZUhkUQ6I+9Q.JJbccKyw8livZRFod5FVNw==.0.wtMt3nLz4W6KrvCGeFmbXzfCr1OUd4Ap3tM9HTRG/NJ1ujESsK9M/cRa/E/YGciZVsZDOoH38uNK7BT7L0STWG/qBmSdIEVwKgqLWJzNNOPlrLW362oS1mO10X1jD53LR2LDTF2rdYgTKaD96OH4lv4Wo/G9cTtl02yyFR6r/N6tdLPTb6xQjxYWhFoGnbHmKk2VHYX6R565n/3KxOgbPYAj/eYQsgsIx625jnjlX086lzjDph7d42uk2xTVL6AjoG+LlK9otoG8vs2aeyFFeViIeDtPIhHJPFtrYGV/1yq2BjyuNmz7GJ91DNF4r80j1DymINlMvqPRRqz7Q9GSZV3fejTdlpBT7t+tzXGSOUzdnqB8Gp7rp/4Amapwp1hSvCYl7TQ2ZFb7CBY0xrQlsn9PA+JBnk02EiG6EeBywBDD6hhDjab3X6M9DkbTiGn1rh1WkmR/0mRxUN+nxjJEiMk3T9q0puENP/d3+9ZTj0qU82tzHB3J0/6Dxy9aY12hhW+Qt1QpsFr1Z2FYxl0V8kzbDrTfYjTAKJInGcvvJ43HC5tcilUDxDmWoC6zfMDcf6VWJK5PUvwGvd+V/uVPf+yrbH6iD8EiX9svfb/o/2XnKbBhPj8IgDxF55hIrgFxpd3bjm6xElDA730ob6B2dUJT2irq3LIjuhVH+YwLpzm3CqNSF6CItTq4XaXWJQV0dIvbsF2/qItOFhf0KCuNICxIxB43ttwJeIyOsU/n5LR7tS3UYfOk229nZ8g2xRjT9KQPdBJUX0v2PKXymyTWTqJtybglxkf3cZ9VG7nd1r4ebfk/592DHwczYA9VPJJsCwes/vSma3ir6CiNxDRCY/lRPHOYtQQa4KPcvLJ8whNXAebESIbLctBP5/5C+4CpcE3vqC3pmEhRjAPXjdIIXYmyqKL8yw6J5KKXOJqOomqElJrernP1wVI0ruGUJde9XGwVcC/jb71a6USyaH/NDQ==; domain=loginb2cdhlparceluk.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjhmNTk5MzA1LTJlMWEtNDI1ZS1iODc4LWQ5NDEyZTIwNThjMyIsIlQiOiJsb2dpbmIyY2RobHBhcmNlbHVrLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMWFfc2lnbnVwX3NpZ25pbiIsIkMiOiIzNGE1ZjZhMS1jMDU2LTQ5MzctODJiNS04ZDc0ZjgzNjAxYjIiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjhmNTk5MzA1LTJlMWEtNDI1ZS1iODc4LWQ5NDEyZTIwNThjMyJ9; domain=loginb2cdhlparceluk.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Fri, 06 Sep 2024 14:20:24 GMT
Content-Length: 156378

cdn.cookielaw.org/logos/static/ot_guard_logo.svg

104.18.86.42

2.2 kB

URL
cdn.cookielaw.org/logos/static/ot_guard_logo.svg
IP
104.18.86.42:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
2.2 kB (2226 bytes)
Hash
b37a4acbdebf7af77711a1ff94c1345c
c26fa7a4b6aec2272765a08be9bcf1694a01d899
faa0a535bf5912e30bc29fd0ee8ad0d8ad83a301668d5889102d191eecf8321e

HTTP Headers

GET /logos/static/ot_guard_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ship.dhlecommerce.co.uk/
Origin: https://ship.dhlecommerce.co.uk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Sep 2024 14:20:24 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Thu, 05 Sep 2024 06:33:13 GMT
x-ms-request-id: 37744f28-a01e-0023-509f-fffc41000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8bef197dda920b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/bootstrap.min.css

151.101.1.229

200 OK

25 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/bootstrap.min.css
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
Unicode text, UTF-8 text, with very long lines (65300)
Size
25 kB (25310 bytes)
Hash
bb84936d7c7700b31719a49340a42bd8
51c552a6ad57d57bd134949c3d5312881f51a893
0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2

HTTP Headers

GET /npm/bootstrap@5.0.0-beta3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loginb2cdhlparceluk.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.0-beta3
x-jsd-version-type: version
etag: W/"25cfb-UcVSpq1X1XvRNJScPVMSiB9RqJM"
content-encoding: br
accept-ranges: bytes
date: Fri, 06 Sep 2024 14:20:25 GMT
age: 2605916
x-served-by: cache-fra-eddf8230038-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25310
X-Firefox-Spdy: h2

GET dhlprduksstglrscldapi001.blob.core.windows.net/root/common.css

20.209.88.161

200 OK

4.4 kB

URL GET HTTP/1.1
dhlprduksstglrscldapi001.blob.core.windows.net/root/common.css
IP
20.209.88.161:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
Fingerprint99:60:CF:F9:75:7D:22:50:FB:98:8E:CF:62:08:DF:69:75:A7:5B:10
ValidityThu, 18 Apr 2024 22:36:53 GMT - Sun, 13 Apr 2025 22:36:53 GMT

File type
ASCII text, with CRLF line terminators
Size
4.4 kB (4399 bytes)
Hash
a445af930e6c80fe434fbdca261b29e0
e9134051d7ae9f7d6882f3665f37968c087c51d4
93724fbd80d4923f94ca818b1420bcae22fc737cdbb4ec8cc52664a197d5fa92

HTTP Headers

GET /root/common.css HTTP/1.1
Host: dhlprduksstglrscldapi001.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loginb2cdhlparceluk.b2clogin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 4399
Content-Type: text/css
Content-MD5: pEWvkw5sgP5DT73KJhsp4A==
Last-Modified: Tue, 28 Sep 2021 02:58:47 GMT
ETag: 0x8D9822BE43DE958
Vary: Origin
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 55a3c6b3-701e-0071-1a67-00b4e6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 06 Sep 2024 14:20:24 GMT

GET dhlprduksstglrscldapi001.blob.core.windows.net/root/dhlLogo.svg

20.209.88.161

200 OK

1.6 kB

URL GET HTTP/1.1
dhlprduksstglrscldapi001.blob.core.windows.net/root/dhlLogo.svg
IP
20.209.88.161:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
Fingerprint99:60:CF:F9:75:7D:22:50:FB:98:8E:CF:62:08:DF:69:75:A7:5B:10
ValidityThu, 18 Apr 2024 22:36:53 GMT - Sun, 13 Apr 2025 22:36:53 GMT

File type
ASCII text, with very long lines (961), with CRLF line terminators
Size
1.6 kB (1611 bytes)
Hash
234ee29ac31ac44f1a1710c36152dbdc
e47c4014ef4598c1e08e66e53ea41e74038ae81d
de8f50425d7cd250d4f93de50b58bd8434836d28289d9be57df08da5e93a5e8d

HTTP Headers

GET /root/dhlLogo.svg HTTP/1.1
Host: dhlprduksstglrscldapi001.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loginb2cdhlparceluk.b2clogin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1611
Content-Type: image/svg+xml
Content-MD5: I07imsMaxE8aFxDDYVLb3A==
Last-Modified: Wed, 04 Aug 2021 11:28:46 GMT
ETag: 0x8D9573B061228D4
Vary: Origin
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 80bd55e3-101e-0015-7e67-00457e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 06 Sep 2024 14:20:25 GMT

POST loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/B2C_1A_signup_signin/client/perftrace?tx=StateProperties=eyJUSUQiOiI4ZjU5OTMwNS0yZTFhLTQyNWUtYjg3OC1kOTQxMmUyMDU4YzMifQ&p=B2C_1A_signup_signin

20.190.177.20

200 OK

0 B

URL POST HTTP/1.1
loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/B2C_1A_signup_signin/client/perftrace?tx=StateProperties=eyJUSUQiOiI4ZjU5OTMwNS0yZTFhLTQyNWUtYjg3OC1kOTQxMmUyMDU4YzMifQ&p=B2C_1A_signup_signin
IP
20.190.177.20:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment
Certificate
IssuerDigiCert Inc
Subjectgraph.windows.net
FingerprintE4:75:6A:85:FE:F6:8E:25:DE:B3:7B:05:13:09:96:75:D8:81:67:A0
ValidityWed, 08 May 2024 00:00:00 GMT - Thu, 08 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Salesforce

HTTP Headers

POST /loginb2cdhlparceluk.onmicrosoft.com/B2C_1A_signup_signin/client/perftrace?tx=StateProperties=eyJUSUQiOiI4ZjU5OTMwNS0yZTFhLTQyNWUtYjg3OC1kOTQxMmUyMDU4YzMifQ&p=B2C_1A_signup_signin HTTP/1.1
Host: loginb2cdhlparceluk.b2clogin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-CSRF-TOKEN: QmRYd0FLR2d0YnpkRDcyTGg4emZGTVlneUowNEljM3cvMkVLRTBjRDBzcmJmMWRDeWZhSDMySTQwcW9hc09kSTV0YnBxV2tiSG5qQ0pNOEIvalJOTmc9PTsyMDI0LTA5LTA2VDE0OjIwOjI0Ljc0ODI5NTZaO2htSUVHSkdKVzJxR2JiSkEybzhOaEE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
X-Requested-With: XMLHttpRequest
Content-Length: 2595
Origin: https://loginb2cdhlparceluk.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment
Cookie: x-ms-cpim-csrf=QmRYd0FLR2d0YnpkRDcyTGg4emZGTVlneUowNEljM3cvMkVLRTBjRDBzcmJmMWRDeWZhSDMySTQwcW9hc09kSTV0YnBxV2tiSG5qQ0pNOEIvalJOTmc9PTsyMDI0LTA5LTA2VDE0OjIwOjI0Ljc0ODI5NTZaO2htSUVHSkdKVzJxR2JiSkEybzhOaEE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; x-ms-cpim-cache|bznzjxouxkk4enlblibyww_0=m1.LPWTLZUhkUQ6I+9Q.JJbccKyw8livZRFod5FVNw==.0.wtMt3nLz4W6KrvCGeFmbXzfCr1OUd4Ap3tM9HTRG/NJ1ujESsK9M/cRa/E/YGciZVsZDOoH38uNK7BT7L0STWG/qBmSdIEVwKgqLWJzNNOPlrLW362oS1mO10X1jD53LR2LDTF2rdYgTKaD96OH4lv4Wo/G9cTtl02yyFR6r/N6tdLPTb6xQjxYWhFoGnbHmKk2VHYX6R565n/3KxOgbPYAj/eYQsgsIx625jnjlX086lzjDph7d42uk2xTVL6AjoG+LlK9otoG8vs2aeyFFeViIeDtPIhHJPFtrYGV/1yq2BjyuNmz7GJ91DNF4r80j1DymINlMvqPRRqz7Q9GSZV3fejTdlpBT7t+tzXGSOUzdnqB8Gp7rp/4Amapwp1hSvCYl7TQ2ZFb7CBY0xrQlsn9PA+JBnk02EiG6EeBywBDD6hhDjab3X6M9DkbTiGn1rh1WkmR/0mRxUN+nxjJEiMk3T9q0puENP/d3+9ZTj0qU82tzHB3J0/6Dxy9aY12hhW+Qt1QpsFr1Z2FYxl0V8kzbDrTfYjTAKJInGcvvJ43HC5tcilUDxDmWoC6zfMDcf6VWJK5PUvwGvd+V/uVPf+yrbH6iD8EiX9svfb/o/2XnKbBhPj8IgDxF55hIrgFxpd3bjm6xElDA730ob6B2dUJT2irq3LIjuhVH+YwLpzm3CqNSF6CItTq4XaXWJQV0dIvbsF2/qItOFhf0KCuNICxIxB43ttwJeIyOsU/n5LR7tS3UYfOk229nZ8g2xRjT9KQPdBJUX0v2PKXymyTWTqJtybglxkf3cZ9VG7nd1r4ebfk/592DHwczYA9VPJJsCwes/vSma3ir6CiNxDRCY/lRPHOYtQQa4KPcvLJ8whNXAebESIbLctBP5/5C+4CpcE3vqC3pmEhRjAPXjdIIXYmyqKL8yw6J5KKXOJqOomqElJrernP1wVI0ruGUJde9XGwVcC/jb71a6USyaH/NDQ==; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjhmNTk5MzA1LTJlMWEtNDI1ZS1iODc4LWQ5NDEyZTIwNThjMyIsIlQiOiJsb2dpbmIyY2RobHBhcmNlbHVrLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMWFfc2lnbnVwX3NpZ25pbiIsIkMiOiIzNGE1ZjZhMS1jMDU2LTQ5MzctODJiNS04ZDc0ZjgzNjAxYjIiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjhmNTk5MzA1LTJlMWEtNDI1ZS1iODc4LWQ5NDEyZTIwNThjMyJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
x-ms-gateway-requestid: 3c1d658a-73c2-42a5-ae4d-dd40951002e2
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Fri, 06 Sep 2024 14:20:25 GMT
Content-Length: 0

GET dhlprduksstglrscldapi001.blob.core.windows.net/root/dhlLoginImg.png

20.209.88.161

200 OK

130 kB

URL GET HTTP/1.1
dhlprduksstglrscldapi001.blob.core.windows.net/root/dhlLoginImg.png
IP
20.209.88.161:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
Fingerprint99:60:CF:F9:75:7D:22:50:FB:98:8E:CF:62:08:DF:69:75:A7:5B:10
ValidityThu, 18 Apr 2024 22:36:53 GMT - Sun, 13 Apr 2025 22:36:53 GMT

File type
PNG image data, 804 x 579, 8-bit/color RGBA, non-interlaced
Size
130 kB (130441 bytes)
Hash
80f4e685fc44489805c84b5581fff946
256dfaac3a7418ec6eb0ed7924f3c75aa535575c
bd8965deb7f96e6685627ffc3bf3c3d263a1417cdc8d55efdf09f35e6d1382ea

HTTP Headers

GET /root/dhlLoginImg.png HTTP/1.1
Host: dhlprduksstglrscldapi001.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loginb2cdhlparceluk.b2clogin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 130441
Content-Type: image/png
Content-MD5: gPTmhfxESJgFyEtVgf/5Rg==
Last-Modified: Thu, 05 Aug 2021 06:26:59 GMT
ETag: 0x8D957DA07AA624F
Vary: Origin
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5e68012f-d01e-001a-4767-003312000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 06 Sep 2024 14:20:25 GMT

GET dhlprduksstglrscldapi001.blob.core.windows.net/root/customize-ui.html

20.209.88.161

200 OK

1.9 kB

URL GET HTTP/1.1
dhlprduksstglrscldapi001.blob.core.windows.net/root/customize-ui.html
IP
20.209.88.161:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6ImMzMmMzNTc0LWI1YjktNGE4MC1iYmViLTU1NThlNmQxMTkxNyIsInRzIjoxNzI1NjMyNDI0LCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=202bb740-84eb-4790-89cc-3132b0011dee&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=f27e83a7-6c5c-48ee-b701-c119eaac5595&response_mode=fragment
Certificate
IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
Fingerprint99:60:CF:F9:75:7D:22:50:FB:98:8E:CF:62:08:DF:69:75:A7:5B:10
ValidityThu, 18 Apr 2024 22:36:53 GMT - Sun, 13 Apr 2025 22:36:53 GMT

File type
HTML document, ASCII text, with very long lines (1998), with no line terminators
Size
1.9 kB (1885 bytes)
Hash
c5009a983abdefbfe64364af08932a21
600b7590f5b78e029d0504e9fe78637c25b0eaa4
1ca3484029b3349034de4fb01aadca821809d0cd52e75e76df4b6a0b3c696bd7

HTTP Headers

GET /root/customize-ui.html HTTP/1.1
Host: dhlprduksstglrscldapi001.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loginb2cdhlparceluk.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://loginb2cdhlparceluk.b2clogin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1885
Content-Type: text/html
Content-MD5: n2gvtq2z0nev53uWvTcTYg==
Last-Modified: Tue, 21 May 2024 04:09:12 GMT
ETag: 0x8DC794BC564A10D
Vary: Origin
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e90ed572-601e-001f-2d67-00e1c9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: https://loginb2cdhlparceluk.b2clogin.com
Access-Control-Allow-Credentials: true
Date: Fri, 06 Sep 2024 14:20:24 GMT

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (30)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN