Report - ota-mirai.com/post/billing.php

Report Overview

Submitted URL
ota-mirai.com/post/billing.php
IP
45.33.122.227
ASN
#63949 Akamai Connected Cloud
Submitted
2024-03-28 12:23:16
Access
public
Website Title
Globális logisztika | Nemzetközi szállítás | DHL | Lengyelország
Final URL
ota-mirai.com/post/billing.php
Tags
dhl logistics phishing
urlquery detections
Phishing - DHL

Detections

urlquery
12
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ota-mirai.com	unknown	2020-10-21	2019-03-27	2024-03-28	5.5 kB	378 kB	45.33.122.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	ota-mirai.com/post/billing.php	0 B	2023-03-07	2024-04-27
Pretty URL ota-mirai.com/post/billing.php IP 45.33.122.227 ASN #63949 Akamai Connected Cloud Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 12:13:54 Times Seen37120227 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (12)

URL IP Response Size

ota-mirai.com/post/images/dhl-logo.svg

45.33.122.227

200 OK

1.6 kB

URL GET HTTP/2
ota-mirai.com/post/images/dhl-logo.svg
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ota-mirai.com/post/billing.php
Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1603 bytes)
Hash
3fecc9db35d5d2a9e6e71ab4b02d22e5
628ba2f505b480097445aaf08649a08242bd6847
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /post/images/dhl-logo.svg HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ota-mirai.com/post/billing.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:52 GMT
content-type: image/svg+xml
content-length: 1603
last-modified: Thu, 28 Mar 2024 07:10:44 GMT
etag: "660517f4-643"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ota-mirai.com/post/images/searchloupe.svg

45.33.122.227

200 OK

329 B

URL GET HTTP/2
ota-mirai.com/post/images/searchloupe.svg
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ota-mirai.com/post/billing.php
Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
SVG Scalable Vector Graphics image
Size
329 B (329 bytes)
Hash
3d7de098db257a26983280a316b9dc09
bb56940343b38534d1427390bc91cb251dfa6d18
fd85293d457b5dc514838dd7d5c7c1509a7eed60e23cb32ab9303666833eb98a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /post/images/searchloupe.svg HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ota-mirai.com/post/billing.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:52 GMT
content-type: image/svg+xml
content-length: 329
last-modified: Thu, 28 Mar 2024 07:10:44 GMT
etag: "660517f4-149"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ota-mirai.com/post/images/headermobile.JPG

45.33.122.227

200 OK

9.1 kB

URL GET HTTP/2
ota-mirai.com/post/images/headermobile.JPG
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ota-mirai.com/post/billing.php
Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 185x56, components 3
Size
9.1 kB (9061 bytes)
Hash
5bd5e8588c60476b1f05d3a98097bb9a
d5cc42e7f3ac4e3f99f37d0133b6aac3ad18e810
c600aea2fa4dad3a13560e01bedf9e6c45db0571c3257d9e53e51c4f8fbbc41f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /post/images/headermobile.JPG HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ota-mirai.com/post/billing.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:52 GMT
content-type: image/jpeg
content-length: 9061
last-modified: Thu, 28 Mar 2024 07:10:44 GMT
etag: "660517f4-2365"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ota-mirai.com/post/images/saba9m.JPG

45.33.122.227

200 OK

8.0 kB

URL GET HTTP/2
ota-mirai.com/post/images/saba9m.JPG
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ota-mirai.com/post/billing.php
Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 28x23, components 3
Size
8.0 kB (7956 bytes)
Hash
9c39dfb4e67c4e51c573e9206c531644
097e34f53e6e287377bd18f31be3cb69111b6815
d1b64fb7749d0d3c905c5244660a21f3d8e29699457f2889274c8a717742b6c5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /post/images/saba9m.JPG HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ota-mirai.com/post/billing.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:52 GMT
content-type: image/jpeg
content-length: 7956
last-modified: Thu, 28 Mar 2024 07:10:44 GMT
etag: "660517f4-1f14"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ota-mirai.com/post/images/customer.svg

45.33.122.227

200 OK

1.6 kB

URL GET HTTP/2
ota-mirai.com/post/images/customer.svg
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ota-mirai.com/post/billing.php
Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1623 bytes)
Hash
1b371d3a7372c07184eceb85cac5343c
47e5f403e20e06ad64e32488e5707249d9f8e6d6
0c3950f8653400246636960456db609af841feb691e53911e763ee282616a390

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /post/images/customer.svg HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ota-mirai.com/post/billing.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:52 GMT
content-type: image/svg+xml
content-length: 1623
last-modified: Thu, 28 Mar 2024 07:10:44 GMT
etag: "660517f4-657"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ota-mirai.com/post/images/ssdsd.JPG

45.33.122.227

200 OK

7.9 kB

URL GET HTTP/2
ota-mirai.com/post/images/ssdsd.JPG
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ota-mirai.com/post/billing.php
Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 28x28, components 3
Size
7.9 kB (7949 bytes)
Hash
fdd21be8e8d91f9612828bbdb7747a73
450367143011e254d1778cdce71748d768cb9259
7dcdd04db64c3edd7e9868c6238b622d33caee1e7bdadbf2623d801109eefef1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /post/images/ssdsd.JPG HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ota-mirai.com/post/billing.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:52 GMT
content-type: image/jpeg
content-length: 7949
last-modified: Thu, 28 Mar 2024 07:10:44 GMT
etag: "660517f4-1f0d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ota-mirai.com/post/images/feedback.png

45.33.122.227

200 OK

1.6 kB

URL GET HTTP/2
ota-mirai.com/post/images/feedback.png
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ota-mirai.com/post/billing.php
Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
PNG image data, 35 x 126, 8-bit colormap, non-interlaced
Size
1.6 kB (1577 bytes)
Hash
50b476a98e8a8fcab1eac59777d9491a
e7c94532df83b7d56e5e6512408b342c6eeb9591
3221db8f898b88e467ebbb8ae155a37bd02087b3df197ad5c4ecead06db08cdf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /post/images/feedback.png HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ota-mirai.com/post/billing.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:52 GMT
content-type: image/png
content-length: 1577
last-modified: Thu, 28 Mar 2024 07:10:44 GMT
etag: "660517f4-629"
expires: Sat, 27 Apr 2024 12:22:52 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ota-mirai.com/post/images/socials.JPG

45.33.122.227

200 OK

9.1 kB

URL GET HTTP/2
ota-mirai.com/post/images/socials.JPG
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ota-mirai.com/post/billing.php
Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 238x49, components 3
Size
9.1 kB (9110 bytes)
Hash
8d8989b7f5fe29cc63b1843962399e4c
ec2b7cd2f1f624832c59836779a742c0ed9f20dc
1ace605596027318737abeca712c7a0d6d76f753cf82affba37c3d2f44862ae4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /post/images/socials.JPG HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ota-mirai.com/post/billing.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:52 GMT
content-type: image/jpeg
content-length: 9110
last-modified: Thu, 28 Mar 2024 07:10:44 GMT
etag: "660517f4-2396"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ota-mirai.com/post/images/bedelhna.jpg

45.33.122.227

200 OK

320 kB

URL GET HTTP/2
ota-mirai.com/post/images/bedelhna.jpg
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ota-mirai.com/post/billing.php
Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1680x920, components 3
Size
320 kB (320072 bytes)
Hash
ae03fca6b6a4d018c8cb958c8a24db6c
05b6084163b51ec1bc32aa23c98180e124e53a62
e97bdcfe18af48286583f57bc3a82f6c57dcbc2d2131f43ea575c90d2619db36

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /post/images/bedelhna.jpg HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ota-mirai.com/post/css/header.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:53 GMT
content-type: image/jpeg
content-length: 320072
last-modified: Thu, 28 Mar 2024 07:10:44 GMT
etag: "660517f4-4e248"
expires: Sat, 27 Apr 2024 12:22:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ota-mirai.com/post/images/icon.png

45.33.122.227

200 OK

2.0 kB

URL GET HTTP/2
ota-mirai.com/post/images/icon.png
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ota-mirai.com/post/billing.php
Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced
Size
2.0 kB (2016 bytes)
Hash
d011458153ebafc72aa151494c00df0c
65463bc6d44eae53813372c11c4b0ac843011d27
97f7ee4e158d34feb59abf8d05fb3782f57d1c62d6ef8dcff7a26be6ad54c6f9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /post/images/icon.png HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ota-mirai.com/post/billing.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:53 GMT
content-type: image/png
content-length: 2016
last-modified: Thu, 28 Mar 2024 07:10:44 GMT
etag: "660517f4-7e0"
expires: Sat, 27 Apr 2024 12:22:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ota-mirai.com/post/billing.php

45.33.122.227

200 OK

6.0 kB

URL User Request GET HTTP/2
ota-mirai.com/post/billing.php
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6323), with no line terminators
Size
6.0 kB (5963 bytes)
Hash
93d69e7ccd854dd854bcf4c928c90950
a84ee9a916ec5cddb9ddba266f536d24f6bd5f54
b8c7372d62416cb0d74a46c3697b23d6f7c31b4a2484068f9e0007957d1c0678

HTTP Headers

GET /post/billing.php HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ota-mirai.com/post/css/header.css

45.33.122.227

200 OK

7.5 kB

URL GET HTTP/2
ota-mirai.com/post/css/header.css
IP
45.33.122.227:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ota-mirai.com/post/billing.php
Certificate
IssuerLet's Encrypt
Subjectwww.ota-mirai.com
Fingerprint53:2F:53:07:06:AB:54:5B:E8:A3:11:0D:29:CC:60:F5:94:80:D4:8B
ValidityThu, 15 Feb 2024 23:10:30 GMT - Wed, 15 May 2024 23:10:29 GMT

File type
ASCII text, with very long lines (8235), with no line terminators
Size
7.5 kB (7469 bytes)
Hash
8642afb58a2d08e467fa4550f4dd9602
c289826016dde93978b747528c16cdd82b41d48a
2cfdcb4997856d9d5a98dbc6a6cc1292d8f284ccca864a8c16f5cd7ae366b339

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /post/css/header.css HTTP/1.1
Host: ota-mirai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ota-mirai.com/post/billing.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 12:22:52 GMT
content-type: text/css
last-modified: Thu, 28 Mar 2024 07:10:44 GMT
vary: Accept-Encoding
etag: W/"660517f4-1d2d"
expires: Fri, 29 Mar 2024 00:22:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (12)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type