blog.playshifu.com/wp-content/app/tracking/cc.php
65.2.181.228 200 OK 11 kB URL User Request GET HTTP/1.1 blog.playshifu.com/wp-content/app/tracking/cc.php
IP 65.2.181.228:443
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (570), with CRLF line terminators
Hash 0c7ce5303c50ae97e638a0ab362bdc6a
cc5815014e1e65e9cdb4206866679a708b26b0b4
3ba9eabbf2e435e30704520a0eae9359f93e8158b7e4d378717a062b870608a5
Analyzer Verdict Alert urlquery phishing Phishing - DHL
OpenPhish phishing DHL Airways, Inc.
GET /wp-content/app/tracking/cc.php HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 03:57:39 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10661
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
blog.playshifu.com/wp-content/app/tracking/assets/app.css
65.2.181.228 200 OK 57 kB URL GET HTTP/1.1 blog.playshifu.com/wp-content/app/tracking/assets/app.css
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
Hash b33e59c592eb453d12f6a53179d8ef19
5d1863f728b58d4456e1b1d824d98fe56810e69e
a0b9419777f544b665051cae80f11bf8ff9f925072a9f062a3d82c383e6cdfde
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /wp-content/app/tracking/assets/app.css HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/cc.php
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 03:57:40 GMT
Server: Apache
Last-Modified: Fri, 01 Sep 2023 02:38:12 GMT
ETag: "65545-604430d41cd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 56795
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
blog.playshifu.com/wp-content/app/tracking/assets/logo.png
65.2.181.228 200 OK 2.0 kB URL GET HTTP/1.1 blog.playshifu.com/wp-content/app/tracking/assets/logo.png
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d14ab93691604e826e1319d53599eb9
78724360e9d25da584445b851e37bca05abe6b85
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /wp-content/app/tracking/assets/logo.png HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/cc.php
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 03:57:40 GMT
Server: Apache
Last-Modified: Fri, 01 Sep 2023 02:38:12 GMT
ETag: "7ce-604430d41cd00"
Accept-Ranges: bytes
Content-Length: 1998
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
blog.playshifu.com/wp-content/app/tracking/assets/col.png
65.2.181.228 200 OK 682 B URL GET HTTP/1.1 blog.playshifu.com/wp-content/app/tracking/assets/col.png
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type PNG image data, 39 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash f9f5c8ccd73adc2df4d9e3acb9e24f85
ae26c7c6a83b6446179383c3b109fbad8b92c034
381941fc8b5df86879d6e2fcf3392d281b796c33f430f045405a0e6af0e474b9
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /wp-content/app/tracking/assets/col.png HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/cc.php
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 03:57:40 GMT
Server: Apache
Last-Modified: Fri, 01 Sep 2023 02:38:12 GMT
ETag: "2aa-604430d41cd00"
Accept-Ranges: bytes
Content-Length: 682
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
blog.playshifu.com/wp-content/app/tracking/assets/pak.png
65.2.181.228 200 OK 380 B URL GET HTTP/1.1 blog.playshifu.com/wp-content/app/tracking/assets/pak.png
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type PNG image data, 32 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c71f27c78f2fa4c03011a7c22b82496
686900b9ead294ff018699e3fa65c023e5b41de0
eb6ca62c1e5d64c52be3ffa63c298dcda2483c04c4b17d1bfe605d134e52f91b
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /wp-content/app/tracking/assets/pak.png HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/cc.php
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 03:57:40 GMT
Server: Apache
Last-Modified: Fri, 01 Sep 2023 02:38:12 GMT
ETag: "17c-604430d41cd00"
Accept-Ranges: bytes
Content-Length: 380
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
blog.playshifu.com/wp-content/app/tracking/assets/clan.png
65.2.181.228 200 OK 475 B URL GET HTTP/1.1 blog.playshifu.com/wp-content/app/tracking/assets/clan.png
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type PNG image data, 27 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash e00004714ce72691e26f9b61c9810780
51385af6cb9a9d372c3151e67d331ddc1b92b3c4
b8b7e6c193f0b11bece8c12b305cbf15130bc99b32ae92426eb747a3da3264d6
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /wp-content/app/tracking/assets/clan.png HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/cc.php
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 03:57:40 GMT
Server: Apache
Last-Modified: Fri, 01 Sep 2023 02:38:12 GMT
ETag: "1db-604430d41cd00"
Accept-Ranges: bytes
Content-Length: 475
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
blog.playshifu.com/js/app.js
65.2.181.228 404 Not Found 7.6 kB URL GET HTTP/1.1 blog.playshifu.com/js/app.js
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (854)
Hash 404d9b49cfac05f64b9dfeb11e546a42
5b3d7e55ac41d9900fe4ccffb497db102dc2edf6
50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /js/app.js HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/cc.php
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 05 Dec 2023 03:57:40 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
blog.playshifu.com/js/session-recorder.js
65.2.181.228 404 Not Found 7.6 kB URL GET HTTP/1.1 blog.playshifu.com/js/session-recorder.js
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (854)
Hash 404d9b49cfac05f64b9dfeb11e546a42
5b3d7e55ac41d9900fe4ccffb497db102dc2edf6
50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /js/session-recorder.js HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/cc.php
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 05 Dec 2023 03:57:40 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
blog.playshifu.com/wp-content/app/tracking/assets/alert.png
65.2.181.228 200 OK 469 B URL GET HTTP/1.1 blog.playshifu.com/wp-content/app/tracking/assets/alert.png
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type PNG image data, 20 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 16291265180a2dbcd246ada0b44ea35a
63eb909a37d9730a40955bebf35542cfc1a5ede9
b36e63b78f7ab077c9f74269deec4010ae803b687b27ca13e6aa58712520bb84
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /wp-content/app/tracking/assets/alert.png HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/cc.php
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 03:57:40 GMT
Server: Apache
Last-Modified: Fri, 01 Sep 2023 02:38:12 GMT
ETag: "1d5-604430d41cd00"
Accept-Ranges: bytes
Content-Length: 469
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
blog.playshifu.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
65.2.181.228 404 Not Found 7.6 kB URL GET HTTP/1.1 blog.playshifu.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (854)
Hash 404d9b49cfac05f64b9dfeb11e546a42
5b3d7e55ac41d9900fe4ccffb497db102dc2edf6
50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/assets/app.css
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 05 Dec 2023 03:57:40 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
blog.playshifu.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
65.2.181.228 404 Not Found 7.6 kB URL GET HTTP/1.1 blog.playshifu.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (854)
Hash 404d9b49cfac05f64b9dfeb11e546a42
5b3d7e55ac41d9900fe4ccffb497db102dc2edf6
50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/assets/app.css
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 05 Dec 2023 03:57:40 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
blog.playshifu.com/wp-content/app/tracking/assets/foo.png
65.2.181.228 200 OK 18 kB URL GET HTTP/1.1 blog.playshifu.com/wp-content/app/tracking/assets/foo.png
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type PNG image data, 187 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash f748283f1bdef35cbe2d225eccbe3895
c03c1864ca13cc124d7faf7d4bb11515fd40d814
cae9d5adf2b0220c74a93b644c26d53e27c3a87f9b5d3fe57d06442e808074a2
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /wp-content/app/tracking/assets/foo.png HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/cc.php
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 03:57:40 GMT
Server: Apache
Last-Modified: Fri, 01 Sep 2023 02:38:12 GMT
ETag: "44f0-604430d41cd00"
Accept-Ranges: bytes
Content-Length: 17648
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
blog.playshifu.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
65.2.181.228 404 Not Found 7.6 kB URL GET HTTP/1.1 blog.playshifu.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (854)
Hash 404d9b49cfac05f64b9dfeb11e546a42
5b3d7e55ac41d9900fe4ccffb497db102dc2edf6
50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/assets/app.css
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 05 Dec 2023 03:57:41 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
blog.playshifu.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
65.2.181.228 404 Not Found 7.6 kB URL GET HTTP/1.1 blog.playshifu.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (854)
Hash 404d9b49cfac05f64b9dfeb11e546a42
5b3d7e55ac41d9900fe4ccffb497db102dc2edf6
50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/assets/app.css
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 05 Dec 2023 03:57:41 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
blog.playshifu.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
65.2.181.228 404 Not Found 7.6 kB URL GET HTTP/1.1 blog.playshifu.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
IP 65.2.181.228:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject blog.playshifu.com
Fingerprint E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D
Validity Sat, 25 Nov 2023 05:23:56 GMT - Fri, 23 Feb 2024 05:23:55 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (854)
Hash 404d9b49cfac05f64b9dfeb11e546a42
5b3d7e55ac41d9900fe4ccffb497db102dc2edf6
50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1
Host: blog.playshifu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/wp-content/app/tracking/assets/app.css
Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 05 Dec 2023 03:57:41 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
cdn.lr-in.com/logger-1.min.js
104.21.234.144 200 OK 846 kB URL GET HTTP/2 cdn.lr-in.com/logger-1.min.js
IP 104.21.234.144:443
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Certificate Issuer Let's Encrypt
Subject lr-in.com
Fingerprint 06:C7:A4:83:83:3B:72:D9:6B:66:09:15:2F:3A:52:FD:1F:E4:05:24
Validity Sun, 12 Nov 2023 13:20:34 GMT - Sat, 10 Feb 2024 13:20:33 GMT
Size 846 kB (846393 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 03:57:40 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"005d938d68d6486d3a3995d83dafb80b6f92d96ce6ccec75169b0f59a5359bdb"
last-modified: Mon, 04 Dec 2023 21:49:30 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-hel1410034-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1701726748.461860,VS0,VE39
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 55
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cwtEdPHHEMIUZd%2BO3eN7%2B2Y71PYTrdwgBdD4ItUoWcGKdVcHWH9NLAK4ZmQ2y3Cn9W5c4Z94IQiszhoIRl%2BEGS0exfAMdoL7FiI161iInUPm88Wlk60x6ksmBPEWK4c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83095dc71b99d93f-HEL
content-encoding: br
X-Firefox-Spdy: h2
dispatching-centre.lasamericascargo.com/js/intlTelInput.js
0.0.0.0 0 B URL GET dispatching-centre.lasamericascargo.com/js/intlTelInput.js
IP 0.0.0.0:0
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/intlTelInput.js HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
dispatching-centre.lasamericascargo.com/images/favicon.gif
0.0.0.0 0 B URL GET dispatching-centre.lasamericascargo.com/images/favicon.gif
IP 0.0.0.0:0
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/favicon.gif HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
dispatching-centre.lasamericascargo.com/js/card.js
0.0.0.0 0 B URL GET dispatching-centre.lasamericascargo.com/js/card.js
IP 0.0.0.0:0
Requested by https://blog.playshifu.com/wp-content/app/tracking/cc.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/card.js HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.playshifu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache