myorders.hopp.to/78922
185.230.60.168 301 Moved Permanently 116 B IP 185.230.60.168:0
File type HTML document, ASCII text, with no line terminators
Hash b0c237663565a33681ad87852c26e420
00ed21dd2429451fafcb8bc344988745fa054bfb
db724a424053e020cabaeee715465ce33898736eeacf12541ab1b864235fd909
Analyzer Verdict Alert fortinet Phishing
GET /78922 HTTP/1.1
Host: myorders.hopp.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Dec 2022 04:10:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 116
Connection: keep-alive
location: https://myorders.hopp.to/78922
vary: Accept
pragma: no-cache
cache-control: no-store, no-cache
X-Seen-By: gv/XVF9HsGpk8A2KWukUzOwfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLp4sYwYx2UgZC4DZhzpOwcVGkFvVdT2Nq6f3Hedj7ewB,jdDt270t0fniy2BugWKBrYx308/2LGY2s3XvtbRcv8t9FkMEnd2lmjdBywX4tuYo4RPrZiEEX+bjAtF/QNh+eQ==,osV03DUdKaEVOGwoQFgPYgwEf2P3a+d6tuWmxTIuXjc=,sQ19iEk473qMiaixh4sATs+CaOYYliceyIn3kF9K+hU=,+uTU9+1sCZnsE97RKVWjWtvAVKETjEmE9kZOg9C7kOe53yrXzN8G8PW6FqAF55JL
X-Wix-Request-Id: 1671336610.4043058369882129980
Server: Pepyaka/1.19.10
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12080
Expires: Sun, 18 Dec 2022 07:31:30 GMT
Date: Sun, 18 Dec 2022 04:10:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19557
Expires: Sun, 18 Dec 2022 09:36:07 GMT
Date: Sun, 18 Dec 2022 04:10:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 18 Dec 2022 03:45:24 GMT
content-type: application/json
age: 1486
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4332
Expires: Sun, 18 Dec 2022 05:22:22 GMT
Date: Sun, 18 Dec 2022 04:10:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QsCca9MkKPeugRuHKVGv1Ka026l2TJMumNkrl9l5x+88V0gE28hwWbsPTvZY7oLZR9SXxyEePOs=
x-amz-request-id: B6QVE9CARHKK1GTB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 18 Dec 2022 03:53:57 GMT
age: 973
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 04:10:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash e2e0da957a297d6bbb078284396239ab
180e280af478659fe2c652f1411b83c8299a2483
b2878576d7e642e8dc13da56a608810a5b7ffa467d6dc4e70e59cfe128f92aa9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 04:10:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 23:35:58 GMT
Expires: Thu, 22 Dec 2022 23:35:57 GMT
Etag: "180e280af478659fe2c652f1411b83c8299a2483"
Cache-Control: max-age=414946,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77b50c18f82bb500-OSL
myorders.hopp.to/78922
185.230.60.168 302 Found 100 B IP 185.230.60.168:0
File type HTML document, ASCII text, with no line terminators
Hash 4e1a211e8de3753bf6e8b06e54def4f2
0b37bd4a48fd0de2973f8e0a2997c70e61cc7b0c
6a7487adc80e7db03c188807e10798b7ef309fd86e75268df8448a2b9faac1fe
Analyzer Verdict Alert fortinet Phishing
GET /78922 HTTP/1.1
Host: myorders.hopp.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 18 Dec 2022 04:10:10 GMT
content-type: text/html; charset=utf-8
content-length: 100
location: https://dpd.item-order.link/
vary: Accept, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache
x-seen-by: m0j2EEknGIVUW/liY8BLLquxVSF9nMFA2iLo/JtJR4Qa0sM5c8dDUFHeNaFq0qDu,jdDt270t0fniy2BugWKBra2aXJU+QlSNZkIQDVbfRUY9z4JG7XPlJg/avZdiW+kfBFNjNRTmQgt5BwMmIVG00A==,osV03DUdKaEVOGwoQFgPYl7ich+iEDq2OU8Wb8/LLPk=,sQ19iEk473qMiaixh4sATrPKK1VJHnxj3Gd+a5lVIGc=,+uTU9+1sCZnsE97RKVWjWivqoch5nXwcpVTHPfTb7tGj2SF7rMzs3dZeZMIQ5lIv
x-wix-request-id: 1671336610.8283068052588129744
server: Pepyaka/1.19.10
x-content-type-options: nosniff
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 18 Dec 2022 04:08:00 GMT
age: 131
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2d1752cd6eb7f48e7494373911a5b996
43d9c23c4d03cccce0fc478f0e12c0874dc762fd
aded7fd1d638c001b0b462fdfeee0549d2ed61b51ced88eb83690e2e20ed36d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3445
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 04:10:11 GMT
Last-Modified: Sun, 18 Dec 2022 03:12:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.49.154 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.49.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9qArKJU8T4a51Q+A8tZDQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kUTftpqdRqfpue8wf7JIxIKZ03M=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3802e923d531b62733586b23906f3cf4
0bff0aaec872649ceeeadacbc8d5590cfaffef42
ee95dc2eb6355e185f9376461062481133b431a034aa7086389e85af6eb5d452
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE95DC2EB6355E185F9376461062481133B431A034AA7086389E85AF6EB5D452"
Last-Modified: Sat, 17 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21563
Expires: Sun, 18 Dec 2022 10:09:34 GMT
Date: Sun, 18 Dec 2022 04:10:11 GMT
Connection: keep-alive
dpd.item-order.link/
176.113.81.59 200 OK 247 B IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 11ac8ff5ae0e5c81e06b2544c5f6e9d0
458548b7e661013478e9bc3fa6b5afdb4a26392a
6e61029e911e3caffad80134685794a88164608ceee4ab23281470d40fecc9cf
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 247
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
176.113.81.59 200 OK 4.8 kB URL HTTP/1.1 dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (545), with CRLF, LF line terminators
Hash 69e19ab5866f5a1316308a7d36131a96
4a94646ff798a11c43a57457bb5ff636a44c7604
fd0d0363a6ef0ea451258a212a85b746d3848444d4a8b0c217d19c961c837151
GET /book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4803
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
dpd.item-order.link/parse/real.css?kRzKmcx-kdQB-InmvcvRZzGBbUV
176.113.81.59 200 OK 20 kB URL HTTP/1.1 dpd.item-order.link/parse/real.css?kRzKmcx-kdQB-InmvcvRZzGBbUV
IP 176.113.81.59:0
File type ASCII text, with very long lines (348)
Hash 07a0a934ff02070484d8d38936a7d267
7381fb6cffbfa05b9343a2870172990d3fbb611a
03b7fb452893e2e0ac1b09b606fc3bc521df3435e1158341b3f08906d9b96198
Analyzer Verdict Alert fortinet Phishing
GET /parse/real.css?kRzKmcx-kdQB-InmvcvRZzGBbUV HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: text/css
Last-Modified: Wed, 05 May 2021 02:57:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"60920994-2dccb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dpd.item-order.link/parse/fonts.css?kRzKmcx-kdQB-InmvcvRZzGBbUV
176.113.81.59 200 OK 3.6 kB URL HTTP/1.1 dpd.item-order.link/parse/fonts.css?kRzKmcx-kdQB-InmvcvRZzGBbUV
IP 176.113.81.59:0
Hash c07c128404c0350bb3bc1c446a452e5b
38f4497ac92448c1ba99f3cb6db68b077e041d46
233a4da9299469e27cf1070024282ef1b24ca5e37ae3068f932af767cb799386
GET /parse/fonts.css?kRzKmcx-kdQB-InmvcvRZzGBbUV HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: text/css
Last-Modified: Wed, 05 May 2021 02:57:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"60920994-4c63"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dpd.item-order.link/parse/dpd_group_82x22.png
176.113.81.59 200 OK 2.9 kB URL HTTP/1.1 dpd.item-order.link/parse/dpd_group_82x22.png
IP 176.113.81.59:0
File type PNG image data, 82 x 22, 8-bit/color RGB, non-interlaced\012- data
Hash 23b47ee69b35a3a2dbee83bfa742d521
873df9f3e1a89e7f522eca200e7ee9f94807d195
9e72e47498366f1af8dc4972041ce63172ed73fc49553c3e729c66191e6ff2ea
GET /parse/dpd_group_82x22.png HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: image/png
Content-Length: 2947
Last-Modified: Wed, 05 May 2021 02:57:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "60920994-b83"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
dpd.item-order.link/parse/dpd.png
176.113.81.59 200 OK 21 kB URL HTTP/1.1 dpd.item-order.link/parse/dpd.png
IP 176.113.81.59:0
File type PNG image data, 141 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 3adf083373a5d24d4b23ec4e212d94cd
4120c41feff071a8b02da31f3e7f65dcde1056b6
268b37ae55b70848676c6c100f52249325e99c6d511d95ebe841ad03bc685069
GET /parse/dpd.png HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: image/png
Content-Length: 21097
Last-Modified: Wed, 05 May 2021 02:57:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "60920994-5269"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
dpd.item-order.link/parse/claim.png
176.113.81.59 200 OK 18 kB URL HTTP/1.1 dpd.item-order.link/parse/claim.png
IP 176.113.81.59:0
File type PNG image data, 251 x 58, 8-bit/color RGB, non-interlaced\012- data
Hash f272f86037dafef659865bb0a416b4c2
da09fef5b5fd94e8c5d1384cccb42fa7db8552d0
863a24f0e0d23c794479143baad6d856fcbdfaec2701a67988fbd5b85b5b1218
GET /parse/claim.png HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: image/png
Content-Length: 17674
Last-Modified: Wed, 05 May 2021 02:57:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "60920994-450a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
dpd.item-order.link/img/portfolio/6.jpg
176.113.81.59 404 Not Found 272 B URL HTTP/1.1 dpd.item-order.link/img/portfolio/6.jpg
IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 12a8bf0f1393c0335034f65f70e755e2
cf2a224c0794a601748e02fb58fa8eeefc2bcc07
1a1b4207af59e85fb2b42bd6cb52080d4e7dd5831eededa420edd40069fb0638
GET /img/portfolio/6.jpg HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 272
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
dpd.item-order.link/parse/ico-magnifying-glass-14x14.png
176.113.81.59 200 OK 1.1 kB URL HTTP/1.1 dpd.item-order.link/parse/ico-magnifying-glass-14x14.png
IP 176.113.81.59:0
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 25a1f9cedd805d80c9a482dc398b4a0e
5ecb6b1505f2a699a5a4c86dc63ed423736b4845
7d7224d9babceb8ed6e0b7c860678d49c0ea5b53df49153d8db99c18c1e4a986
GET /parse/ico-magnifying-glass-14x14.png HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/parse/real.css?kRzKmcx-kdQB-InmvcvRZzGBbUV
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: image/png
Content-Length: 1136
Last-Modified: Wed, 05 May 2021 02:57:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "60920994-470"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
dpd.item-order.link/img/02.jpg
176.113.81.59 404 Not Found 267 B URL HTTP/1.1 dpd.item-order.link/img/02.jpg
IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash aa9917175801362d2276096d2b0d917a
e12cc86182738c6d660b877e509b1e13984d2c11
f1dc777bede89dd67eb6c8fd0c5ed3a122857d2ae224b382bfc018abc694cf01
GET /img/02.jpg HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 267
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
dpd.item-order.link/img/profile.jpg
176.113.81.59 404 Not Found 264 B URL HTTP/1.1 dpd.item-order.link/img/profile.jpg
IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7a55eede51d7f3c2d40b1c2c3bd14bf4
3569c79ac8384c16c7a04e3fd0fc152a221def72
253cf77890f4720589b4ccfc286cde49e448c6c5e28cd73f1a1f65728819ee55
GET /img/profile.jpg HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 264
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
dpd.item-order.link/parse/plutosansdpdlight-web.woff
176.113.81.59 200 OK 61 kB URL HTTP/1.1 dpd.item-order.link/parse/plutosansdpdlight-web.woff
IP 176.113.81.59:0
File type Web Open Font Format, TrueType, length 60781, version 1.0\012- data
Hash 20398ebf2986259c88014178d7044844
02422f7f86e44268579b2b3694ca72eaaa8a301a
9e462606602d426b676f2b6f9c0b6629b02f91204214898f7d4a56749c4e00d0
Analyzer Verdict Alert fortinet Phishing
GET /parse/plutosansdpdlight-web.woff HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dpd.item-order.link/parse/real.css?kRzKmcx-kdQB-InmvcvRZzGBbUV
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: font/woff
Content-Length: 60781
Last-Modified: Wed, 05 May 2021 02:57:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "60920994-ed6d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
dpd.item-order.link/parse/plutosansdpdregular-web.woff
176.113.81.59 200 OK 60 kB URL HTTP/1.1 dpd.item-order.link/parse/plutosansdpdregular-web.woff
IP 176.113.81.59:0
File type Web Open Font Format, TrueType, length 60042, version 1.0\012- data
Hash 32319d6149e2659c974fef61dfd5cc42
e2aedccccdbad3f63b14e27941c59e7ba533cc51
c99d0b5a290e48d4e4cbb86c29dd12436f465696702a81ded130a411f1e98cd3
Analyzer Verdict Alert fortinet Phishing
GET /parse/plutosansdpdregular-web.woff HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dpd.item-order.link/parse/real.css?kRzKmcx-kdQB-InmvcvRZzGBbUV
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 04:10:02 GMT
Content-Type: font/woff
Content-Length: 60042
Last-Modified: Wed, 05 May 2021 02:57:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "60920994-ea8a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
dpd.item-order.link/img/portfolio/2.jpg
176.113.81.59 404 Not Found 274 B URL HTTP/1.1 dpd.item-order.link/img/portfolio/2.jpg
IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ec1b552603c316fe8f36f5b80f13a880
826b97bb22410a9f86a04c9ebae8476f3fb0df0f
f97b6df4e51098da904aafd87aaab79efdcf94dbb8ea6e1090a9eecf0df0503c
GET /img/portfolio/2.jpg HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 18 Dec 2022 04:10:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 274
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3152
Expires: Sun, 18 Dec 2022 05:02:44 GMT
Date: Sun, 18 Dec 2022 04:10:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6b04bcc-ed1e-40f8-81f9-587f3470d5fe.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6b04bcc-ed1e-40f8-81f9-587f3470d5fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 578392bee48563d778885698790a124b
597892da925c3a363878e81ff02032a316303512
d30fe2470e1f63c5249fd42d7cd804bbf326cf9a703c61e31b5322ebdb26fca6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6b04bcc-ed1e-40f8-81f9-587f3470d5fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9925
x-amzn-requestid: 15eb2112-b947-458a-8544-51bac721773d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2k9HNjIAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e37b9-7c5b94866d266af252f133b3;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:42:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0nlTTVMgZIa6HUmL4bx0L-menIA1szAYPKbL-2p3jcX9XDGOAHL5eg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:51:24 GMT
etag: "597892da925c3a363878e81ff02032a316303512"
content-type: image/jpeg
age: 22728
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed374d0c34e8b2e15f08a6479a4f45e7
5db9e59699048998f0685e940640eae19ef11c8e
9933854830be796a87cfe44b6b8336294e2d3dbbe3205f267720aca6968c3a21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12125
x-amzn-requestid: e44faa15-1dfd-4bc0-bdfb-307c3de2755d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2QPFZAIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3734-33d636210a1e24742ee71187;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JHDfcd35b-bHZm6oayBIN5NDt6ZeGygBfvu7IKU18wFiLHMGEPQPkQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 22:02:19 GMT
etag: "5db9e59699048998f0685e940640eae19ef11c8e"
content-type: image/jpeg
age: 22073
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55ed0b2b-29ce-4d76-b023-81de03fa2be2.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55ed0b2b-29ce-4d76-b023-81de03fa2be2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 48ada927b99cfaa3fb3f64a1bac0070c
d033137dd828e42ce811226861ba6c7ad365f40c
e161cbd3e1eef6ede739a758bc4524abc2c2d66998f86f16f74c446ad7d22603
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55ed0b2b-29ce-4d76-b023-81de03fa2be2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8130
x-amzn-requestid: 4a3a96af-df3d-44b1-ae92-3c33339be260
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2PxEaKIAMF3Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3731-6d7a4d76179c29f76a494618;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4xc06b_ceIFa4BlT3Aqkrb0-9zGkPgct49UcwZ43as0YFFAu1m-dpw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:52:23 GMT
age: 22669
etag: "d033137dd828e42ce811226861ba6c7ad365f40c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf66930-95e3-4a55-8010-b1b6ca56bb72.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf66930-95e3-4a55-8010-b1b6ca56bb72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72e6e854c47d50c6eb07f491ac9ecc3b
067e0a350aaf1a509e8263f38191394e2fa1ee8f
cc6c3dff5dd6da8b61a4891a4c8ebb441fb37bd45af06520bc32d025d276a0f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf66930-95e3-4a55-8010-b1b6ca56bb72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11961
x-amzn-requestid: 58d907ec-0831-48ff-bd18-92b1f364190f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2PeF__oAMF2lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e372f-1c97663c43ee7c5552e3a6f9;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:39:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A_2HCy8X0ARYItr1vXoDcYpM18DHeoFfX1LZ_Npuujcgw_nQtqgYGQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:51:24 GMT
etag: "067e0a350aaf1a509e8263f38191394e2fa1ee8f"
content-type: image/jpeg
age: 22728
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff713a978-5d83-49aa-ba90-1412f38e5ac7.png
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff713a978-5d83-49aa-ba90-1412f38e5ac7.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5f2b7168c67f3a6991208c4736b75c5
535c0c1841ab4a27ba69729403bcf5d56c99cb85
98a7be322eb5eb0a67e3672c03e0a4ed938d63b939ecbcedaf8a6e21cda6dcbd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff713a978-5d83-49aa-ba90-1412f38e5ac7.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10649
x-amzn-requestid: da30f426-ee8f-45c8-a652-61c813a03de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT3_dFe-IAMFySA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e39fc-6e187baf4d58c2434f156710;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:51:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z-cgdwQ81ww2IXeMpn-gVZ35plJTzKQt1bzNvkF21DUB3GVcVaaXJQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 22:26:41 GMT
age: 20611
etag: "535c0c1841ab4a27ba69729403bcf5d56c99cb85"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Dg3c2lWr1FbFUalH5QB05VrQIkpt3LNuUM-VxJZiaXy3nJu-cfd5jg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 23467
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dpd.item-order.link/img/01.jpg
176.113.81.59 404 Not Found 270 B URL HTTP/1.1 dpd.item-order.link/img/01.jpg
IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 473cfc34afa22e40655dc0f46c5e504f
03fcca213996ba090c22a88811306dc6adae1f06
789b55dbeb164eb85415d2fabd795678387dc38ad1e95bef68e15345e9b98dd5
GET /img/01.jpg HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 18 Dec 2022 04:10:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 270
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
dpd.item-order.link/img/portfolio/1.jpg
176.113.81.59 404 Not Found 270 B URL HTTP/1.1 dpd.item-order.link/img/portfolio/1.jpg
IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 99c5315b019cdb51eb911c76dad0d600
846e3275b4992c5b6e13c394d0f75b7220c4c5b6
e28539369b7e0311ee40a32ac08574985768d259a01bce8c688342cb4c2002cf
GET /img/portfolio/1.jpg HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 18 Dec 2022 04:10:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 270
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
dpd.item-order.link/img/03.jpg
176.113.81.59 404 Not Found 266 B URL HTTP/1.1 dpd.item-order.link/img/03.jpg
IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9a90bab467fe57a3ff3bdce25392c96f
e64a60dea512a808f0b74e73be7087c4aa7b9d86
bb5b6a7c97984fef1c083faf08f65f5a305fe343acc6fafb8f8adbbf4323a908
GET /img/03.jpg HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 18 Dec 2022 04:10:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 266
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
dpd.item-order.link/img/portfolio/4.jpg
176.113.81.59 404 Not Found 266 B URL HTTP/1.1 dpd.item-order.link/img/portfolio/4.jpg
IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ef53a79ae2efc87593f127a710edab9b
2d8f7c07ef3885c86a281559ceb7d8ab13ecee06
fa0f70c943c81cdc512986770e0972ca6975a0035516e5400366461c45d537d2
GET /img/portfolio/4.jpg HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 18 Dec 2022 04:10:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 266
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
dpd.item-order.link/img/portfolio/3.jpg
176.113.81.59 404 Not Found 274 B URL HTTP/1.1 dpd.item-order.link/img/portfolio/3.jpg
IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 76b633e013fc8fe4290a021940053e35
174b1648ea4fadd601d4b78b25b16a9d456fd267
2183e4f4c511e13f45d49742369fbe87d8757025c7a0da9bb3b91689c6a67705
GET /img/portfolio/3.jpg HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 18 Dec 2022 04:10:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 274
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
dpd.item-order.link/img/portfolio/5.jpg
176.113.81.59 404 Not Found 263 B URL HTTP/1.1 dpd.item-order.link/img/portfolio/5.jpg
IP 176.113.81.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9ad8557754140b28e3399d677dbc2a58
92423780523289c4f4efceeeec478f915fea184c
0a181ce0139e21c4397c12b84eee8cc922b8014319d24a3aac8600e21138c587
GET /img/portfolio/5.jpg HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 18 Dec 2022 04:10:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 263
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
dpd.item-order.link/favicon.ico?kRzKmcx-kdQB-InmvcvRZzGBbUV
176.113.81.59 200 OK 1.2 kB URL HTTP/1.1 dpd.item-order.link/favicon.ico?kRzKmcx-kdQB-InmvcvRZzGBbUV
IP 176.113.81.59:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b6ed8595981e9e71bda496671d05f29f
b29766c5df0d73b7e336586ac65e2de00ee95038
aea80e00fd6ac1583e0a3b692ca30571d18545435c49590df96cdd7e0f7eadb9
Analyzer Verdict Alert fortinet Phishing
GET /favicon.ico?kRzKmcx-kdQB-InmvcvRZzGBbUV HTTP/1.1
Host: dpd.item-order.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dpd.item-order.link/book_delivery.php?carrier=DP-WxOPMviaUQPR&returnCode=pqKubsEwDBHECRlJfzgcNwpIeQdufvZVmjPOcUKf
Cookie: PHPSESSID=m1n5sa3hojm668aoc0i9s4dda1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 04:10:03 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 05 May 2021 02:57:22 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "60920992-47e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes