{"report_id":"209390fc-a675-4080-9cb8-692be617c775","version":6,"status":"done","tags":["dhl","logistics","phishing"],"date":"2023-12-05T03:57:57Z","url":{"schema":"http","addr":"blog.playshifu.com/wp-content/app/tracking/cc.php","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":0,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"final":{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/cc.php","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"title":"Verification | DHL"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T09:04:39Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"blog.playshifu.com","ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"domain_registered":"2016-05-07","domain_rank":0,"first_seen":"2019-07-13 02:07:50","last_seen":"2023-10-24 12:01:03","alert_count":16,"request_count":15,"received_data":146444,"sent_data":8525,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.lr-in.com","ip":{"addr":"104.21.234.144","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-07-19","domain_rank":13237,"first_seen":"2021-07-19 16:36:56","last_seen":"2023-12-03 03:53:51","alert_count":0,"request_count":1,"received_data":847394,"sent_data":420,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dispatching-centre.lasamericascargo.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2000-05-05","domain_rank":0,"first_seen":"2022-04-06 21:56:33","last_seen":"2023-12-04 18:18:59","alert_count":0,"request_count":3,"received_data":0,"sent_data":1360,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-10-24","alert":"DHL Airways, Inc.","trigger":"blog.playshifu.com/wp-content/app/tracking/cc.php","verdict":"phishing","severity":"medium","comment":"DHL Airways, Inc.","link":"https://openphish.com","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.lr-in.com/logger-1.min.js","fqdn":"cdn.lr-in.com","domain":"lr-in.com","tld":"com"},"ip":{"addr":"104.21.234.144","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"be415574a856fccce77a0105716c4682","sha1":"6971ee2bf3d96c8965e9361339447325542b7f3c","sha256":"bcdc0d636aea1e1f941d9761c2b14f56c305a8423b7a344d9f183e83e180c386","sha512":"3a1bcfcbd36ab2f98929a9462d8d3d8c7950551f5e79d6fd31d65f9081952a56665bc9c9a460a6a78377af103c38c0c84a26fa8f34e5e60d3df914f61455687d","ssdeep":"24576:Fb9umHCXMY0xz8Sx2bFAvPMefgL1fGVTxtt7vpe1xaMyWase7EIwhXEjKbZDb1I3:Z9umHCIz8Sx2bFAvPMefgRfGVTxtt7vl","tlshash":"39051a883999f05203eb90e9103f2407f239591d546de0e0f3a6d9d6e8bd68e6177f3a","size":846393,"data":"","first_seen":"2023-12-05T00:19:00Z","last_seen":"2023-12-05T17:11:32Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/cc.php","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"introduction_type":"scriptElement","is_inline":true,"md5":"430ecc2f3cf84cff47c449d145e6d4b0","sha1":"9ea2d341b5ebc9668ad944047c439953d5928826","sha256":"c27ea770946ea916def48e311fae08371c423fdd8486a2b7b7e0ca874613bb41","sha512":"d649263fe45621012c744c8c6dafe292260d5ac6c816f74ec2a0c67fdf3022c31a11285d3ae0bf3298ac481cf5beaf996fc46f5acc3d5246a3acfb46ef0efb71","ssdeep":"","tlshash":"eac08c71282208048068848217626700aa63b86281e0b800ff5c9a421f3050342bc28e","size":165,"data":"","first_seen":"2023-03-07T01:34:15Z","last_seen":"2026-03-15T15:35:12.795593Z","times_seen":645,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/cc.php","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"introduction_type":"scriptElement","is_inline":true,"md5":"a870e9d213023e1900b0c6fb46bdfa1f","sha1":"e82c3b3e3277d2db60522af0fc2eb9a1a3f342fa","sha256":"5818cb1b843c3187db11715b9a3c015591aa4e106a89559689b8016a784a9bca","sha512":"ec6a9f756fbefe94cd42f9ac90b450cecac56da68699dfe453b5de68533c92ebd75515ae12a5fbacd02a22d73c27168b404cb25d35af20a1ea4912c05df0a055","ssdeep":"","tlshash":"e9d012e984a80323ba7723163e9d490f95cc028b483086533ccc13401f54181c9143b3","size":221,"data":"","first_seen":"2023-03-07T01:34:15Z","last_seen":"2026-03-15T15:35:12.796412Z","times_seen":643,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/cc.php","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"introduction_type":"scriptElement","is_inline":true,"md5":"81280e6be9081837195e24a7268f9138","sha1":"35546d7f9c581846d7a215968de50e2aa70d778f","sha256":"27da46f0dbe279737be8e490e90b3858972852d6a504ef1974c3e588996ab731","sha512":"18c1af66dd383e6f2eee4e085a60fc30feb55e521f6df6b9f5493051abf5842d0e8e4977daea3d9b85f35962dd1bae2e060f28026534b7f03733f3d90c191ed6","ssdeep":"","tlshash":"d1e0121cfca29a405073745e5ebf401819ad011b27468f94b96c1ed94fe4096d8e244e","size":437,"data":"","first_seen":"2023-03-07T01:34:15Z","last_seen":"2026-03-15T15:35:12.797272Z","times_seen":643,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/cc.php","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-05T03:57:44.948Z","timestamp":1701748664948,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /wp-content/app/tracking/cc.php HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 05 Dec 2023 03:57:39 GMT\r\nServer: Apache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nSet-Cookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf; path=/\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 10661\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10661,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- assembler source text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (570), with CRLF line terminators","md5":"0c7ce5303c50ae97e638a0ab362bdc6a","sha1":"cc5815014e1e65e9cdb4206866679a708b26b0b4","sha256":"3ba9eabbf2e435e30704520a0eae9359f93e8158b7e4d378717a062b870608a5","sha512":"a9bac05fd01e8c58605e967d5a546d15a6397769263e294cc6df3fe5bc1ca8b9983f3776346777a757a4da0c5f811f8f00d3ff390e28b87934e532f8234412a3","ssdeep":"384:q4wy8/1z+RHg4g3tIwPMzXPKdyAdHUZh2POexyW7QW7j72EVLsAeb8DTGTRhEHaK:nw+H78tIwPWidOT3W8Wn72EVYAeY3","tlshash":"09735d7852d146268877c2c16b742b55ffd5d20bcb8a464236fc3bb71fb5dcaa803868","first_seen":"2023-12-05T04:57:58Z","last_seen":"2023-12-05T04:57:58Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1460,"timings":{"blocked":633,"dns":0,"connect":191,"send":0,"wait":194,"receive":1,"ssl":437},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-10-24","alert":"DHL Airways, Inc.","trigger":"blog.playshifu.com/wp-content/app/tracking/cc.php","verdict":"phishing","severity":"medium","comment":"DHL Airways, Inc.","link":"https://openphish.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/assets/app.css","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.026Z","timestamp":1701748666026,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /wp-content/app/tracking/assets/app.css HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/cc.php\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 05 Dec 2023 03:57:40 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 01 Sep 2023 02:38:12 GMT\r\nETag: \"65545-604430d41cd00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 56795\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":56795,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"b33e59c592eb453d12f6a53179d8ef19","sha1":"5d1863f728b58d4456e1b1d824d98fe56810e69e","sha256":"a0b9419777f544b665051cae80f11bf8ff9f925072a9f062a3d82c383e6cdfde","sha512":"9aa37b0d4a45e03e532311d89cbe2d527fa31c31f8c2e88a3b162bf8e567120a878158fd24c94b3c9afe6a2f22497055295d101c04aa8362c3b44b17e58cb596","ssdeep":"6144:xBpn28RBJwAXjxNC7sjwYJjSYn+5tOS1aIcnf43sWNa6AN46B:/N28Rv9L+5tOS1aIcnf4A","tlshash":"30948469d5f71854964bd07425aa27607339708bd90e8c6dbace7b8ccfc929484e2fcc","first_seen":"2023-04-05T14:02:21Z","last_seen":"2026-03-15T15:35:12.791839Z","times_seen":433,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":195,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/assets/logo.png","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.030Z","timestamp":1701748666030,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /wp-content/app/tracking/assets/logo.png HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/cc.php\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 05 Dec 2023 03:57:40 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 01 Sep 2023 02:38:12 GMT\r\nETag: \"7ce-604430d41cd00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1998\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1998,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5d14ab93691604e826e1319d53599eb9","sha1":"78724360e9d25da584445b851e37bca05abe6b85","sha256":"3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756","sha512":"dc91304849c5d9b54124ce5a0fa47c9d0bffb35090479fafb4dcd7cff9b75d0467a3aa3d7837d1e1ef418f3f961dc9d31d65387c701646febb792f1ab2ededaa","ssdeep":"","tlshash":"64410ce64550006945b6e5453834e191ee79d4608f5f29b0562658b44d6c317b0ddbf1","first_seen":"2023-04-09T22:53:28Z","last_seen":"2026-05-18T12:36:26.712609Z","times_seen":9322,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":384,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/assets/col.png","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.031Z","timestamp":1701748666031,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /wp-content/app/tracking/assets/col.png HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/cc.php\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 05 Dec 2023 03:57:40 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 01 Sep 2023 02:38:12 GMT\r\nETag: \"2aa-604430d41cd00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 682\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":682,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 39 x 28, 8-bit/color RGBA, non-interlaced\\012- data","md5":"f9f5c8ccd73adc2df4d9e3acb9e24f85","sha1":"ae26c7c6a83b6446179383c3b109fbad8b92c034","sha256":"381941fc8b5df86879d6e2fcf3392d281b796c33f430f045405a0e6af0e474b9","sha512":"b8433c2f8767f3d0ce611b5a278310fc554ececbd6f8ac567d30471bd21fc1ddfb7de2922c0c905926d12b2b955fa849f8b0cb32d538f205e54a2f4e8104933a","ssdeep":"","tlshash":"5901838a833780acebcda29601bb445300bf25e7302354ad5b78a4390ed385809433a3","first_seen":"2023-05-07T10:38:00Z","last_seen":"2026-03-15T15:35:12.783139Z","times_seen":610,"resource_available":false,"data":null}},"time_used":985,"timings":{"blocked":386,"dns":0,"connect":197,"send":0,"wait":197,"receive":0,"ssl":203},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/assets/pak.png","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.033Z","timestamp":1701748666033,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /wp-content/app/tracking/assets/pak.png HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/cc.php\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 05 Dec 2023 03:57:40 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 01 Sep 2023 02:38:12 GMT\r\nETag: \"17c-604430d41cd00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 380\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":380,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 27, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5c71f27c78f2fa4c03011a7c22b82496","sha1":"686900b9ead294ff018699e3fa65c023e5b41de0","sha256":"eb6ca62c1e5d64c52be3ffa63c298dcda2483c04c4b17d1bfe605d134e52f91b","sha512":"ceb51685733cfe4f2d353a314e032a8fc7bdfb2afa4b0f4991702deb9264d4ace7c949ee248963ff64e0fcd9c2337e141080c36875bf19b8e0f52721de7fc371","ssdeep":"","tlshash":"34e068e59b03796ceae800a7d4235080d56a696f1d16268ee99299709aafcd4824dbc0","first_seen":"2023-05-07T10:38:00Z","last_seen":"2026-03-15T15:35:12.789992Z","times_seen":611,"resource_available":false,"data":null}},"time_used":998,"timings":{"blocked":392,"dns":0,"connect":198,"send":0,"wait":199,"receive":0,"ssl":206},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/assets/clan.png","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.037Z","timestamp":1701748666037,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /wp-content/app/tracking/assets/clan.png HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/cc.php\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 05 Dec 2023 03:57:40 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 01 Sep 2023 02:38:12 GMT\r\nETag: \"1db-604430d41cd00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 475\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":475,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 27 x 29, 8-bit/color RGBA, non-interlaced\\012- data","md5":"e00004714ce72691e26f9b61c9810780","sha1":"51385af6cb9a9d372c3151e67d331ddc1b92b3c4","sha256":"b8b7e6c193f0b11bece8c12b305cbf15130bc99b32ae92426eb747a3da3264d6","sha512":"a2dfb57ab3c8458e0eed2a565c3355982f078db347fe9af4c67c13980e7e04db243de7d2681545daddfec375f9e5f0ae931becc36eb40332135f87f8099407a0","ssdeep":"","tlshash":"90f054c271c898ac9d0bb2871da352305d9b45ff05d510887ed8e07ff426e840dc1760","first_seen":"2023-05-07T10:38:01Z","last_seen":"2026-03-15T15:35:12.792675Z","times_seen":610,"resource_available":false,"data":null}},"time_used":991,"timings":{"blocked":389,"dns":1,"connect":198,"send":0,"wait":198,"receive":0,"ssl":203},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/js/app.js","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.042Z","timestamp":1701748666042,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /js/app.js HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/cc.php\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 05 Dec 2023 03:57:40 GMT\r\nServer: Apache\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":7565,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (854)","md5":"404d9b49cfac05f64b9dfeb11e546a42","sha1":"5b3d7e55ac41d9900fe4ccffb497db102dc2edf6","sha256":"50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929","sha512":"4225e967d41b4488e1bd387a125528a03c519921653ded180bbaa3666f7139200b41f67d864cdc72baff5fa604a42a80ca9312ee440affcad7da0572e2082063","ssdeep":"192:MN49TEyaS32jc7IBolBQIL9A545qeEtm8/QYm8mQSCXE:MNEaqSoZ9AS1wYYV9Y","tlshash":"97f1633565b604369dc7824837db1b1f20aa9b07d6038f283afde758bfb2c51a4526f4","first_seen":"2023-12-05T04:57:58Z","last_seen":"2024-08-20T16:44:22.643138Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1020,"timings":{"blocked":361,"dns":0,"connect":190,"send":0,"wait":271,"receive":0,"ssl":195},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/js/session-recorder.js","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.043Z","timestamp":1701748666043,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /js/session-recorder.js HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/cc.php\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 05 Dec 2023 03:57:40 GMT\r\nServer: Apache\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":7565,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (854)","md5":"404d9b49cfac05f64b9dfeb11e546a42","sha1":"5b3d7e55ac41d9900fe4ccffb497db102dc2edf6","sha256":"50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929","sha512":"4225e967d41b4488e1bd387a125528a03c519921653ded180bbaa3666f7139200b41f67d864cdc72baff5fa604a42a80ca9312ee440affcad7da0572e2082063","ssdeep":"192:MN49TEyaS32jc7IBolBQIL9A545qeEtm8/QYm8mQSCXE:MNEaqSoZ9AS1wYYV9Y","tlshash":"97f1633565b604369dc7824837db1b1f20aa9b07d6038f283afde758bfb2c51a4526f4","first_seen":"2023-12-05T04:57:58Z","last_seen":"2024-08-20T16:44:22.643138Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1030,"timings":{"blocked":366,"dns":1,"connect":194,"send":0,"wait":269,"receive":0,"ssl":198},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/assets/alert.png","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.040Z","timestamp":1701748666040,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /wp-content/app/tracking/assets/alert.png HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/cc.php\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 05 Dec 2023 03:57:40 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 01 Sep 2023 02:38:12 GMT\r\nETag: \"1d5-604430d41cd00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 469\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":469,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 18, 8-bit/color RGBA, non-interlaced\\012- data","md5":"16291265180a2dbcd246ada0b44ea35a","sha1":"63eb909a37d9730a40955bebf35542cfc1a5ede9","sha256":"b36e63b78f7ab077c9f74269deec4010ae803b687b27ca13e6aa58712520bb84","sha512":"85f687f93406b168e61a7af0a169acc3d7bc44fbeb0d2e6ec1a8748901691ebe41ddc1d25e4ba40bcac0efa75583e7d7c5b13ee7b95a84c5aaf26efb0cbf9469","ssdeep":"","tlshash":"acf0d4c2d799e865f7aa503755a1479162ac159c98c5a188447306791084b50c75f701","first_seen":"2023-05-07T10:38:01Z","last_seen":"2026-03-15T15:35:12.793672Z","times_seen":611,"resource_available":false,"data":null}},"time_used":784,"timings":{"blocked":584,"dns":0,"connect":0,"send":0,"wait":199,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b","fqdn":"blog.playshifu.com","domain":"blog.playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.522Z","timestamp":1701748666522,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/assets/app.css\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 05 Dec 2023 03:57:40 GMT\r\nServer: Apache\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":7565,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (854)","md5":"404d9b49cfac05f64b9dfeb11e546a42","sha1":"5b3d7e55ac41d9900fe4ccffb497db102dc2edf6","sha256":"50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929","sha512":"4225e967d41b4488e1bd387a125528a03c519921653ded180bbaa3666f7139200b41f67d864cdc72baff5fa604a42a80ca9312ee440affcad7da0572e2082063","ssdeep":"192:MN49TEyaS32jc7IBolBQIL9A545qeEtm8/QYm8mQSCXE:MNEaqSoZ9AS1wYYV9Y","tlshash":"97f1633565b604369dc7824837db1b1f20aa9b07d6038f283afde758bfb2c51a4526f4","first_seen":"2023-12-05T04:57:58Z","last_seen":"2024-08-20T16:44:22.643138Z","times_seen":2,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":84,"dns":0,"connect":0,"send":0,"wait":269,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80","fqdn":"blog.playshifu.com","domain":"blog.playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.526Z","timestamp":1701748666526,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/assets/app.css\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 05 Dec 2023 03:57:40 GMT\r\nServer: Apache\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":7565,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (854)","md5":"404d9b49cfac05f64b9dfeb11e546a42","sha1":"5b3d7e55ac41d9900fe4ccffb497db102dc2edf6","sha256":"50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929","sha512":"4225e967d41b4488e1bd387a125528a03c519921653ded180bbaa3666f7139200b41f67d864cdc72baff5fa604a42a80ca9312ee440affcad7da0572e2082063","ssdeep":"192:MN49TEyaS32jc7IBolBQIL9A545qeEtm8/QYm8mQSCXE:MNEaqSoZ9AS1wYYV9Y","tlshash":"97f1633565b604369dc7824837db1b1f20aa9b07d6038f283afde758bfb2c51a4526f4","first_seen":"2023-12-05T04:57:58Z","last_seen":"2024-08-20T16:44:22.643138Z","times_seen":2,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":88,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/wp-content/app/tracking/assets/foo.png","fqdn":"blog.playshifu.com","domain":"playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.041Z","timestamp":1701748666041,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /wp-content/app/tracking/assets/foo.png HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/cc.php\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 05 Dec 2023 03:57:40 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 01 Sep 2023 02:38:12 GMT\r\nETag: \"44f0-604430d41cd00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 17648\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17648,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 18, 8-bit/color RGBA, non-interlaced\\012- data","md5":"f748283f1bdef35cbe2d225eccbe3895","sha1":"c03c1864ca13cc124d7faf7d4bb11515fd40d814","sha256":"cae9d5adf2b0220c74a93b644c26d53e27c3a87f9b5d3fe57d06442e808074a2","sha512":"093dd0969f8c46a318b3f92885a84cc763c9a03d7ef81074df92e27084bd8be18af807cac4fba28bc32ddf8a5bdda2cffc6071f6d6cb2ab5cdb4f4d021f15a73","ssdeep":"96:9S9S5kEWRgxNXIsc5IPD/wryKKW56vVd0YvD1qxIt1vqGbe9GvxLKBw2:9Sw5ktubwrSW56vYYvZqRr8vEG2","tlshash":"cd823c14f8f0b175c0b998364de53116ac331947d9529c81bfce8c25af14f992c5fa9a","first_seen":"2023-08-15T11:56:12Z","last_seen":"2026-03-15T15:35:12.794669Z","times_seen":542,"resource_available":false,"data":null}},"time_used":981,"timings":{"blocked":584,"dns":0,"connect":0,"send":0,"wait":199,"receive":198,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c","fqdn":"blog.playshifu.com","domain":"blog.playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.883Z","timestamp":1701748666883,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/assets/app.css\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 05 Dec 2023 03:57:41 GMT\r\nServer: Apache\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":7565,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (854)","md5":"404d9b49cfac05f64b9dfeb11e546a42","sha1":"5b3d7e55ac41d9900fe4ccffb497db102dc2edf6","sha256":"50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929","sha512":"4225e967d41b4488e1bd387a125528a03c519921653ded180bbaa3666f7139200b41f67d864cdc72baff5fa604a42a80ca9312ee440affcad7da0572e2082063","ssdeep":"192:MN49TEyaS32jc7IBolBQIL9A545qeEtm8/QYm8mQSCXE:MNEaqSoZ9AS1wYYV9Y","tlshash":"97f1633565b604369dc7824837db1b1f20aa9b07d6038f283afde758bfb2c51a4526f4","first_seen":"2023-12-05T04:57:58Z","last_seen":"2024-08-20T16:44:22.643138Z","times_seen":2,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":290,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2","fqdn":"blog.playshifu.com","domain":"blog.playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.895Z","timestamp":1701748666895,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/assets/app.css\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 05 Dec 2023 03:57:41 GMT\r\nServer: Apache\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":7565,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (854)","md5":"404d9b49cfac05f64b9dfeb11e546a42","sha1":"5b3d7e55ac41d9900fe4ccffb497db102dc2edf6","sha256":"50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929","sha512":"4225e967d41b4488e1bd387a125528a03c519921653ded180bbaa3666f7139200b41f67d864cdc72baff5fa604a42a80ca9312ee440affcad7da0572e2082063","ssdeep":"192:MN49TEyaS32jc7IBolBQIL9A545qeEtm8/QYm8mQSCXE:MNEaqSoZ9AS1wYYV9Y","tlshash":"97f1633565b604369dc7824837db1b1f20aa9b07d6038f283afde758bfb2c51a4526f4","first_seen":"2023-12-05T04:57:58Z","last_seen":"2024-08-20T16:44:22.643138Z","times_seen":2,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"blog.playshifu.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f","fqdn":"blog.playshifu.com","domain":"blog.playshifu.com","tld":"com"},"ip":{"addr":"65.2.181.228","port":443,"asn":16509,"as":"AMAZON-02","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:47.189Z","timestamp":1701748667189,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blog.playshifu.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 05:23:56 GMT","end":"Fri, 23 Feb 2024 05:23:55 GMT"},"fingerprint":{"sha1":"E7:02:71:75:3F:F3:60:09:B1:CA:19:B0:4E:08:F5:4D:6F:E2:C9:8D","sha256":"6B:65:FB:C5:9C:B5:91:D4:81:77:80:F3:3A:CB:5B:CB:FA:45:EF:13:C1:F1:BF:96:87:A7:8D:A5:26:B7:AB:29"}}},"request":{"raw":"GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1\r\nHost: blog.playshifu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/wp-content/app/tracking/assets/app.css\r\nCookie: PHPSESSID=nbh5f1udt3ae3anicc1oo54epf\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 05 Dec 2023 03:57:41 GMT\r\nServer: Apache\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":7565,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (854)","md5":"404d9b49cfac05f64b9dfeb11e546a42","sha1":"5b3d7e55ac41d9900fe4ccffb497db102dc2edf6","sha256":"50965d8872e211b4dce04af135ec7f294b9713f932bd67ddea3e9a03970bb929","sha512":"4225e967d41b4488e1bd387a125528a03c519921653ded180bbaa3666f7139200b41f67d864cdc72baff5fa604a42a80ca9312ee440affcad7da0572e2082063","ssdeep":"192:MN49TEyaS32jc7IBolBQIL9A545qeEtm8/QYm8mQSCXE:MNEaqSoZ9AS1wYYV9Y","tlshash":"97f1633565b604369dc7824837db1b1f20aa9b07d6038f283afde758bfb2c51a4526f4","first_seen":"2023-12-05T04:57:58Z","last_seen":"2024-08-20T16:44:22.643138Z","times_seen":2,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.lr-in.com/logger-1.min.js","fqdn":"cdn.lr-in.com","domain":"lr-in.com","tld":"com"},"ip":{"addr":"104.21.234.144","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.029Z","timestamp":1701748666029,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lr-in.com","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Nov 2023 13:20:34 GMT","end":"Sat, 10 Feb 2024 13:20:33 GMT"},"fingerprint":{"sha1":"06:C7:A4:83:83:3B:72:D9:6B:66:09:15:2F:3A:52:FD:1F:E4:05:24","sha256":"D2:63:0C:1B:53:D8:A9:09:36:EC:2F:D7:84:E5:B3:11:99:5A:19:AE:10:DE:A4:D8:08:C7:32:CD:84:84:FC:3F"}}},"request":{"raw":"GET /logger-1.min.js HTTP/1.1\r\nHost: cdn.lr-in.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 05 Dec 2023 03:57:40 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncross-origin-resource-policy: cross-origin\r\netag: W/\"005d938d68d6486d3a3995d83dafb80b6f92d96ce6ccec75169b0f59a5359bdb\"\r\nlast-modified: Mon, 04 Dec 2023 21:49:30 GMT\r\nstrict-transport-security: max-age=31556926\r\nx-served-by: cache-hel1410034-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1701726748.461860,VS0,VE39\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 55\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=9cwtEdPHHEMIUZd%2BO3eN7%2B2Y71PYTrdwgBdD4ItUoWcGKdVcHWH9NLAK4ZmQ2y3Cn9W5c4Z94IQiszhoIRl%2BEGS0exfAMdoL7FiI161iInUPm88Wlk60x6ksmBPEWK4c\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 83095dc71b99d93f-HEL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":846393,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-18T21:11:19.743147Z","times_seen":15406478,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":61,"dns":32,"connect":13,"send":0,"wait":34,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dispatching-centre.lasamericascargo.com/js/intlTelInput.js","fqdn":"dispatching-centre.lasamericascargo.com","domain":"lasamericascargo.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.046Z","timestamp":1701748666046,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /js/intlTelInput.js HTTP/1.1\r\nHost: dispatching-centre.lasamericascargo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-18T21:11:19.743147Z","times_seen":15406478,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dispatching-centre.lasamericascargo.com/images/favicon.gif","fqdn":"dispatching-centre.lasamericascargo.com","domain":"lasamericascargo.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:49.254Z","timestamp":1701748669254,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /images/favicon.gif HTTP/1.1\r\nHost: dispatching-centre.lasamericascargo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-18T21:11:19.743147Z","times_seen":15406478,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dispatching-centre.lasamericascargo.com/js/card.js","fqdn":"dispatching-centre.lasamericascargo.com","domain":"lasamericascargo.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://blog.playshifu.com/wp-content/app/tracking/cc.php","date":"2023-12-05T03:57:46.045Z","timestamp":1701748666045,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /js/card.js HTTP/1.1\r\nHost: dispatching-centre.lasamericascargo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blog.playshifu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-18T21:11:19.743147Z","times_seen":15406478,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}