driftnet.com.ng/public/6dz9CiinkRAmeg28EV29WMFXX05KJ91f
109.70.148.55 302 Found 203 B URL HTTP/1.1 driftnet.com.ng/public/6dz9CiinkRAmeg28EV29WMFXX05KJ91f
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 385bac7b667a2788ff28d8ac2f943924
6e87c4536778ada6229d7404ff718cfed7e9d262
93706b3fca57fc8812838e427a48c3545d9f61f2ff137e336a0d9dbf411dd2b8
Analyzer Verdict Alert fortinet Phishing
GET /public/6dz9CiinkRAmeg28EV29WMFXX05KJ91f HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: http://driftnet.com.ng/public
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6Im5nZFdmV1FkN0cyenAwQWFXOWExYXc9PSIsInZhbHVlIjoiSWl5WFZvU1BmZGd4UDNFM3RpSU8zd3VEUnZaQ1JWMmhXTHI5SWNJNDkzMFAvMEV2SVk5anhXaS9iTTQ1UUxsdnVicmh5YVBWaE9xRGRPNmZiNHAxNE56MnF3cWhVZnVITEJPTWhBSEhBK3NFQlNvekZVMlV4cE5PZmVXNlZMc2IiLCJtYWMiOiIzYTg4MDg4OTVhMTE0YTlhOTRlOTBjYmU5ZDZiYmVkNzU0MDBiZmRiNmFhNmY1NmJmODlkYjhiYWNkMGZjYTAwIiwidGFnIjoiIn0%3D; expires=Sat, 01-Apr-2023 20:42:59 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InVvUFJOUEdmZWY0OG8wd0RhSlMxTEE9PSIsInZhbHVlIjoic21NTWE1MGdZaEt5U2FnK1AxWC9LSGlkSzh3ZjlFWHlDYkp1KzZwRk8yWVhkOTdYbks1YjlyNVBiOG1JNlpTWWkzZmF4Ny9GOUIrMUY0MGM1MzBXdlg2T29iaFZMUGZSMXhRVmJxNlUzNEtJU04rdllrd2FzUkp4VDFEWjBkZzAiLCJtYWMiOiIxNzkzNzY0YjQ0M2I5Y2M0MGQyMmQ0NmY1MWYzMTdkMDViZjQyNmIwMzE4OTEyOGIyNGZlMTUwZjZlMjA5YTNlIiwidGFnIjoiIn0%3D; expires=Sat, 01-Apr-2023 20:42:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 203
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 01 Apr 2023 18:42:59 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 035772439731bbe3992c865f68e4b977
53fe2d0f678772b6b3e935aaca4d1ef82767e48f
9880ae6537e30af38e8d7ed612a5a44a54037d86686c63ef7eeebcc62cbda05f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9880AE6537E30AF38E8D7ED612A5A44A54037D86686C63EF7EEEBCC62CBDA05F"
Last-Modified: Sat, 01 Apr 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9013
Expires: Sat, 01 Apr 2023 21:13:12 GMT
Date: Sat, 01 Apr 2023 18:42:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3c6ad41618caef9613685a8f786def7
ce6e1256460e0d28da63f797e14a77c1477d0779
ce87c093a66e4a2adfba7794f5db0428a0986b7e74690b773cbd7708ccca3f0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE87C093A66E4A2ADFBA7794F5DB0428A0986B7E74690B773CBD7708CCCA3F0E"
Last-Modified: Sat, 01 Apr 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2479
Expires: Sat, 01 Apr 2023 19:24:18 GMT
Date: Sat, 01 Apr 2023 18:42:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 374c9e295a804e605c402f48ae7e2446
967394b36ecdff2dd32842f878887f061024c6b3
7652dfcb9e2d620ce1d033be8ecc53166d2881154c15decd60899415e5ac2706
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7652DFCB9E2D620CE1D033BE8ECC53166D2881154C15DECD60899415E5AC2706"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5620
Expires: Sat, 01 Apr 2023 20:16:39 GMT
Date: Sat, 01 Apr 2023 18:42:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 01 Apr 2023 18:16:17 GMT
content-type: application/json
age: 1602
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7B1DAXzEjS+PfzN8q0mGXjQ3l5WWdI1XCK6uO2V8gSJ7p9gD+EDqBQpLtgJq6e9Y3yHlNpRt/4gVzL4QM//HqQ==
x-amz-request-id: SMF9PJ8VGP7WCGKZ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 01 Apr 2023 18:03:50 GMT
age: 2349
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
driftnet.com.ng/public
109.70.148.55 301 Moved Permanently 707 B IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert urlquery phishing Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /public HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im5nZFdmV1FkN0cyenAwQWFXOWExYXc9PSIsInZhbHVlIjoiSWl5WFZvU1BmZGd4UDNFM3RpSU8zd3VEUnZaQ1JWMmhXTHI5SWNJNDkzMFAvMEV2SVk5anhXaS9iTTQ1UUxsdnVicmh5YVBWaE9xRGRPNmZiNHAxNE56MnF3cWhVZnVITEJPTWhBSEhBK3NFQlNvekZVMlV4cE5PZmVXNlZMc2IiLCJtYWMiOiIzYTg4MDg4OTVhMTE0YTlhOTRlOTBjYmU5ZDZiYmVkNzU0MDBiZmRiNmFhNmY1NmJmODlkYjhiYWNkMGZjYTAwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVvUFJOUEdmZWY0OG8wd0RhSlMxTEE9PSIsInZhbHVlIjoic21NTWE1MGdZaEt5U2FnK1AxWC9LSGlkSzh3ZjlFWHlDYkp1KzZwRk8yWVhkOTdYbks1YjlyNVBiOG1JNlpTWWkzZmF4Ny9GOUIrMUY0MGM1MzBXdlg2T29iaFZMUGZSMXhRVmJxNlUzNEtJU04rdllrd2FzUkp4VDFEWjBkZzAiLCJtYWMiOiIxNzkzNzY0YjQ0M2I5Y2M0MGQyMmQ0NmY1MWYzMTdkMDViZjQyNmIwMzE4OTEyOGIyNGZlMTUwZjZlMjA5YTNlIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 01 Apr 2023 18:42:59 GMT
server: LiteSpeed
location: http://driftnet.com.ng/public/
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 18:42:59 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Pragma, Backoff, Expires, Last-Modified, Content-Type, Alert, Retry-After, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 01 Apr 2023 18:17:27 GMT
age: 1532
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
driftnet.com.ng/public/
109.70.148.55 200 OK 349 B IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 37d5eccb42ba77fad57caedb5e707da0
865b821c567ed03fa06f77abe788898d3c757908
68eb82b015e0e348f672417faddb0da18b28b53f53892659f8fefbb25940f9a7
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata low ET INFO Killbot JS Configuration - Possible Phishing
GET /public/ HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im5nZFdmV1FkN0cyenAwQWFXOWExYXc9PSIsInZhbHVlIjoiSWl5WFZvU1BmZGd4UDNFM3RpSU8zd3VEUnZaQ1JWMmhXTHI5SWNJNDkzMFAvMEV2SVk5anhXaS9iTTQ1UUxsdnVicmh5YVBWaE9xRGRPNmZiNHAxNE56MnF3cWhVZnVITEJPTWhBSEhBK3NFQlNvekZVMlV4cE5PZmVXNlZMc2IiLCJtYWMiOiIzYTg4MDg4OTVhMTE0YTlhOTRlOTBjYmU5ZDZiYmVkNzU0MDBiZmRiNmFhNmY1NmJmODlkYjhiYWNkMGZjYTAwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVvUFJOUEdmZWY0OG8wd0RhSlMxTEE9PSIsInZhbHVlIjoic21NTWE1MGdZaEt5U2FnK1AxWC9LSGlkSzh3ZjlFWHlDYkp1KzZwRk8yWVhkOTdYbks1YjlyNVBiOG1JNlpTWWkzZmF4Ny9GOUIrMUY0MGM1MzBXdlg2T29iaFZMUGZSMXhRVmJxNlUzNEtJU04rdllrd2FzUkp4VDFEWjBkZzAiLCJtYWMiOiIxNzkzNzY0YjQ0M2I5Y2M0MGQyMmQ0NmY1MWYzMTdkMDViZjQyNmIwMzE4OTEyOGIyNGZlMTUwZjZlMjA5YTNlIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImdCSnh0a2w1RE5veGNpM1laYnV0Snc9PSIsInZhbHVlIjoiemJ4SDJDanA5K0x6dGxabUhHdUFSWktpTmxKVHQyNTdFWGdCRWhZZ2txaG5hVUJkSGkzbmRVUnhGMjJ3UG0wbkF3OTEwdS9qdml4QnpjLy8vcmE5R2JRM2o0ZHExOEFxR3Z5SlZadlpjUXJDMnFCWDZWY2FhZmFnN0dCeUFSN3UiLCJtYWMiOiI2ZGVkMjJhZmFkODM2M2JjODY3ODUxZGZkOGVlMzIwMWE1NWYzYzlkNGFmMWI3ZjYyMGVhY2IxMjdiZTNhMjA5IiwidGFnIjoiIn0%3D; expires=Sat, 01-Apr-2023 20:42:59 GMT; Max-Age=7199; path=/; samesite=lax
laravel_session=eyJpdiI6InpBbjU5UGlpc09RN21aQlJtc0RXSkE9PSIsInZhbHVlIjoiWDFLWFFoZTBLQll0OUhtS29Wc0RCak9Gd0w5elpRWjAzZzJ0bDkyZHpEWWc2ZEpZVktpU3ZVL0djWkFlUTJiaHA3MlNaRjduS2JUN1MwZlNOL3ZLWGJpWWt2WGprNGJMWFB5VjY0Z203Nk4raXljVXRTUXZZVWNacXdpWkF4ZzciLCJtYWMiOiIxOTY3YWJhYTliMjFiYWJmNWEyZWQwNmJmZWE4MzEwZmE2OGVjZTY4MGI4ZTUxNDliMTQ2YTNjNDEzZGVmZGJlIiwidGFnIjoiIn0%3D; expires=Sat, 01-Apr-2023 20:42:59 GMT; Max-Age=7199; path=/; httponly; samesite=lax
content-length: 349
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 01 Apr 2023 18:43:00 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6fa0c0763a28dec230b96d4248edf345
b706ac54bb44a20b70f92857bc59af4063e7c09c
fa53224d11289a05229412401b747b3fe0e4323df51fbe0dafc634198617a115
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA53224D11289A05229412401B747B3FE0E4323DF51FBE0DAFC634198617A115"
Last-Modified: Sat, 01 Apr 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2793
Expires: Sat, 01 Apr 2023 19:29:33 GMT
Date: Sat, 01 Apr 2023 18:43:00 GMT
Connection: keep-alive
driftnet.com.ng/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si/
109.70.148.55 301 Moved Permanently 707 B URL HTTP/1.1 driftnet.com.ng/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si/
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si/ HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://driftnet.com.ng/public/
Cookie: XSRF-TOKEN=eyJpdiI6ImdCSnh0a2w1RE5veGNpM1laYnV0Snc9PSIsInZhbHVlIjoiemJ4SDJDanA5K0x6dGxabUhHdUFSWktpTmxKVHQyNTdFWGdCRWhZZ2txaG5hVUJkSGkzbmRVUnhGMjJ3UG0wbkF3OTEwdS9qdml4QnpjLy8vcmE5R2JRM2o0ZHExOEFxR3Z5SlZadlpjUXJDMnFCWDZWY2FhZmFnN0dCeUFSN3UiLCJtYWMiOiI2ZGVkMjJhZmFkODM2M2JjODY3ODUxZGZkOGVlMzIwMWE1NWYzYzlkNGFmMWI3ZjYyMGVhY2IxMjdiZTNhMjA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InpBbjU5UGlpc09RN21aQlJtc0RXSkE9PSIsInZhbHVlIjoiWDFLWFFoZTBLQll0OUhtS29Wc0RCak9Gd0w5elpRWjAzZzJ0bDkyZHpEWWc2ZEpZVktpU3ZVL0djWkFlUTJiaHA3MlNaRjduS2JUN1MwZlNOL3ZLWGJpWWt2WGprNGJMWFB5VjY0Z203Nk4raXljVXRTUXZZVWNacXdpWkF4ZzciLCJtYWMiOiIxOTY3YWJhYTliMjFiYWJmNWEyZWQwNmJmZWE4MzEwZmE2OGVjZTY4MGI4ZTUxNDliMTQ2YTNjNDEzZGVmZGJlIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 01 Apr 2023 18:43:00 GMT
server: LiteSpeed
location: http://driftnet.com.ng/public/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si
push.services.mozilla.com/
52.41.23.0 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.23.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cdzrIrZ6hXh7rBcJm5oXuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eKm1Xm7269vDkxa6ciYdimSO1RI=
driftnet.com.ng/public/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si
109.70.148.55 200 OK 17 kB URL HTTP/1.1 driftnet.com.ng/public/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39884)
Hash 07e397f33472bdd5b2babc4620936756
80df48ea7efc1302ab6c6026d1b1ebe317549c66
9e85a6bacb5aae959ffcee78fa0a30768d9cf256161e21aa73a37ccfe4c0af0e
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata high ET EXPLOIT_KIT TDS Sutra - page redirecting to a SutraTDS
suricata low ET INFO Killbot JS Configuration - Possible Phishing
GET /public/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://driftnet.com.ng/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdCSnh0a2w1RE5veGNpM1laYnV0Snc9PSIsInZhbHVlIjoiemJ4SDJDanA5K0x6dGxabUhHdUFSWktpTmxKVHQyNTdFWGdCRWhZZ2txaG5hVUJkSGkzbmRVUnhGMjJ3UG0wbkF3OTEwdS9qdml4QnpjLy8vcmE5R2JRM2o0ZHExOEFxR3Z5SlZadlpjUXJDMnFCWDZWY2FhZmFnN0dCeUFSN3UiLCJtYWMiOiI2ZGVkMjJhZmFkODM2M2JjODY3ODUxZGZkOGVlMzIwMWE1NWYzYzlkNGFmMWI3ZjYyMGVhY2IxMjdiZTNhMjA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InpBbjU5UGlpc09RN21aQlJtc0RXSkE9PSIsInZhbHVlIjoiWDFLWFFoZTBLQll0OUhtS29Wc0RCak9Gd0w5elpRWjAzZzJ0bDkyZHpEWWc2ZEpZVktpU3ZVL0djWkFlUTJiaHA3MlNaRjduS2JUN1MwZlNOL3ZLWGJpWWt2WGprNGJMWFB5VjY0Z203Nk4raXljVXRTUXZZVWNacXdpWkF4ZzciLCJtYWMiOiIxOTY3YWJhYTliMjFiYWJmNWEyZWQwNmJmZWE4MzEwZmE2OGVjZTY4MGI4ZTUxNDliMTQ2YTNjNDEzZGVmZGJlIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; expires=Sat, 01-Apr-2023 20:43:00 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D; expires=Sat, 01-Apr-2023 20:43:00 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 16613
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 01 Apr 2023 18:43:00 GMT
server: LiteSpeed
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14 200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://driftnet.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:43:00 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2774258
expires: Thu, 21 Mar 2024 18:43:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cflcci9Jyw3VSQGp%2FNmabJaM5zqw5OpC3bblVTHiyLf3Tbnlr6FF4ok%2BPWyrOynvUxqu35%2BkmQUZSdnaMqlKteX1SjExn%2BjE%2BFGYmWEmJZOgLYLqsg8JhSnMGArfNXdSmKfpGJae"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b12f9aa59d9b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
driftnet.com.ng/public/css/app.css
109.70.148.55 200 OK 57 kB URL HTTP/1.1 driftnet.com.ng/public/css/app.css
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
Hash 4a588f1010067b24efbdef5e36a9a205
d81aff5de42dc54f008ed95f2576874bf81d5e40
58de670d175d00596fc031dac8eda1657ab5ced3af1af132fa99bed295823869
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /public/css/app.css HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://driftnet.com.ng/public/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 08 Apr 2023 18:43:00 GMT
content-type: text/css
last-modified: Wed, 30 Mar 2022 04:11:08 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 56777
date: Sat, 01 Apr 2023 18:43:00 GMT
server: LiteSpeed
driftnet.com.ng/images/logo.png
109.70.148.55 200 OK 2.0 kB URL HTTP/1.1 driftnet.com.ng/images/logo.png
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d14ab93691604e826e1319d53599eb9
78724360e9d25da584445b851e37bca05abe6b85
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /images/logo.png HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://driftnet.com.ng/public/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 08 Apr 2023 18:43:00 GMT
content-type: image/png
last-modified: Sun, 17 Apr 2022 21:24:00 GMT
accept-ranges: bytes
content-length: 1998
date: Sat, 01 Apr 2023 18:43:00 GMT
server: LiteSpeed
driftnet.com.ng/public/js/session-recorder.js
109.70.148.55 200 OK 11 kB URL HTTP/1.1 driftnet.com.ng/public/js/session-recorder.js
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (44992)
Hash 5e26cadaf33830556018478d747c9c8d
4d35d7d270a09a1580b3711a6e4eaaca9a20aa97
5d7d9780f1e817caf93eaba42bb35fc99b52b806145073981dc640a35393205e
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /public/js/session-recorder.js HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://driftnet.com.ng/public/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 08 Apr 2023 18:43:00 GMT
content-type: application/javascript
last-modified: Wed, 30 Mar 2022 03:35:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11181
date: Sat, 01 Apr 2023 18:43:00 GMT
server: LiteSpeed
driftnet.com.ng/images/all.png
109.70.148.55 200 OK 12 kB URL HTTP/1.1 driftnet.com.ng/images/all.png
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type PNG image data, 123 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb0b7f615faf2deb9ec6f53d3149a3b
694a2c881c83e2ab86365bf1d16302ac5b9d500f
c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /images/all.png HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://driftnet.com.ng/public/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 08 Apr 2023 18:43:00 GMT
content-type: image/png
last-modified: Sun, 17 Apr 2022 21:24:34 GMT
accept-ranges: bytes
content-length: 12499
date: Sat, 01 Apr 2023 18:43:00 GMT
server: LiteSpeed
kit.fontawesome.com/f7165dd215.js
104.18.23.52 200 OK 81 kB URL HTTP/2 kit.fontawesome.com/f7165dd215.js
IP 104.18.23.52:0
Hash 82b1c8e328d91156ae669468c201f0cd
074fb0a660355d007b6a181339cc31dc78dd66f4
26cd44440bbb2182b6c9e4b7943c9a507d5b4852108e192dade2abf60cab208b
GET /f7165dd215.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://driftnet.com.ng
Connection: keep-alive
Referer: http://driftnet.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:43:00 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F1HPtdOPCaou6_iB1eph
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7b12f9aa5d93067b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
driftnet.com.ng/images/foo.png
109.70.148.55 404 Not Found 2.3 kB URL HTTP/1.1 driftnet.com.ng/images/foo.png
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash c9c5d2135b93e247cf576a712767f9dc
ce081f9241173d5eb400030f76df55f681517bc3
c6a8278df1afe15262d0726880140bb02deecec060e80feb425211f34cd6027f
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /images/foo.png HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://driftnet.com.ng/public/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 2309
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 01 Apr 2023 18:43:01 GMT
server: LiteSpeed
driftnet.com.ng/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
109.70.148.55 404 Not Found 7.0 kB URL HTTP/1.1 driftnet.com.ng/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
Hash 230b418851e4cbfa9982b0665c5d65ad
b1d369a6af215c79eee07aa11d5b23ad76de5a0a
41cfb27842a3c2e618035b0fe3fdfadb7d7074e70ff361d760017e84609d4326
GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://driftnet.com.ng/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Sat, 01 Apr 2023 18:43:01 GMT
server: LiteSpeed
driftnet.com.ng/public/js/app.js
109.70.148.55 200 OK 206 kB URL HTTP/1.1 driftnet.com.ng/public/js/app.js
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
Size 206 kB (205941 bytes)
Hash 576f12159770fd0d08534a82b5206e6f
1677825a588c40826e1d429a37274f9b54825a97
3c987e066e564e81fd36356bd02495059605e7e2ad1d36db2e743288318d6b7c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /public/js/app.js HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://driftnet.com.ng/public/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 08 Apr 2023 18:43:00 GMT
content-type: application/javascript
last-modified: Wed, 30 Mar 2022 03:35:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 205941
date: Sat, 01 Apr 2023 18:43:00 GMT
server: LiteSpeed
driftnet.com.ng/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
109.70.148.55 404 Not Found 6.6 kB URL HTTP/1.1 driftnet.com.ng/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://driftnet.com.ng/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Sat, 01 Apr 2023 18:43:01 GMT
server: LiteSpeed
driftnet.com.ng/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
109.70.148.55 404 Not Found 6.6 kB URL HTTP/1.1 driftnet.com.ng/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://driftnet.com.ng/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Sat, 01 Apr 2023 18:43:01 GMT
server: LiteSpeed
driftnet.com.ng/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
109.70.148.55 404 Not Found 6.6 kB URL HTTP/1.1 driftnet.com.ng/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://driftnet.com.ng/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Sat, 01 Apr 2023 18:43:01 GMT
server: LiteSpeed
driftnet.com.ng/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
109.70.148.55 404 Not Found 6.6 kB URL HTTP/1.1 driftnet.com.ng/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://driftnet.com.ng/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Sat, 01 Apr 2023 18:43:01 GMT
server: LiteSpeed
driftnet.com.ng/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775
109.70.148.55 404 Not Found 6.6 kB URL HTTP/1.1 driftnet.com.ng/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://driftnet.com.ng/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 6609
date: Sat, 01 Apr 2023 18:43:01 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10269
Expires: Sat, 01 Apr 2023 21:34:10 GMT
Date: Sat, 01 Apr 2023 18:43:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10269
Expires: Sat, 01 Apr 2023 21:34:10 GMT
Date: Sat, 01 Apr 2023 18:43:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10269
Expires: Sat, 01 Apr 2023 21:34:10 GMT
Date: Sat, 01 Apr 2023 18:43:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10269
Expires: Sat, 01 Apr 2023 21:34:10 GMT
Date: Sat, 01 Apr 2023 18:43:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10269
Expires: Sat, 01 Apr 2023 21:34:10 GMT
Date: Sat, 01 Apr 2023 18:43:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ddcef2c96778d9fdee670e187a43ab32
e8c98891a1ffdbb6d30cf8746e067d56fe65d964
4e6fb506079b1daab0b1913a31c6252452f133af9276e18d25fe6fb622ce54ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3800
x-amzn-requestid: a182fb32-649a-4228-a591-080aae8c053a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm9VEY2oAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751ee-3a1abb584aa61a954dbd52c1;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ycsh7rNJt9blXZVpFbbdBDu5pZbGDfGIPLt5k0Ff9-fvWTX86Ndz6A==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:45:01 GMT
age: 75480
etag: "e8c98891a1ffdbb6d30cf8746e067d56fe65d964"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb930830ac86ec8ace6a232f67810ba
d084bf4331446c35236019010b2bcf82d45dad1c
bb81782bf590d601110ec8fb891f701e0f5084bda46370d30345bd81403a33ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5830
x-amzn-requestid: 0897bf26-6156-48d3-ba67-596cc326dddc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CqnHHG0JoAMF87w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6427522d-6f380d901d9d6b737ec19d6d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:35:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: UfN2iRmDUhddBZW6qGy3q2-HCqb6Kx3iDENnirUkIoCJ6BW6zdWVtw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 22:44:32 GMT
etag: "d084bf4331446c35236019010b2bcf82d45dad1c"
content-type: image/jpeg
age: 71909
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=f7165dd215
172.64.168.22 200 OK 14 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=f7165dd215
IP 172.64.168.22:0
File type ASCII text, with very long lines (27377)
Hash 93af0fb1afdf5191c9206b071f63d261
a65382ac5f11e4b012687621fa9717a409306fb4
390dc1b1cc0502bbbf762d22aa18daa3a91dee2a9bd89e10c422244f865fab1f
GET /releases/v6.4.0/css/free-v4-shims.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://driftnet.com.ng/
Origin: http://driftnet.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:43:01 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
etag: W/"5193a6de5225940ae4ef5f7c82126be9"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2a6a95e8d95cf855c934397de0d60aa.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: jU5Gl-Zl_mc4nYCpGtYdipN2q5prROKsX76zRf34TRjWeNAG0ToY6Q==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4XWOuw4fNxbcpqX97rhc5eq310qM46ltt1b1C4EH8Tq4VYBEPYEE25ZzbPBl6C1CIqgwvOSXRhHuXwKXuB4dxc%2BPrxIYmXtEVM3L7waAG6g3xctcQBJW6pPGNgUfE%2FaN%2B65VO7pKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b12f9ab8b9a7720-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.lr-in.com/logger-1.min.js
104.21.234.145 200 OK 176 kB URL HTTP/2 cdn.lr-in.com/logger-1.min.js
IP 104.21.234.145:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 176 kB (175961 bytes)
Hash 46e240bbf300cc6a582bdcd403366141
c90f0e55dd4f0044ca21610e09702e46b854eb63
68567196546283c6a4787ee434cb50fd512e839d632e9c74623366b06b44b94b
GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://driftnet.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:43:00 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"4a93bc2a39cc823d2508e78af198f72a6ef6ee4f7c9067223553ef3abf68a1d2"
last-modified: Fri, 31 Mar 2023 22:47:04 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-lcy-eglc8600023-LCY
x-cache: HIT
x-cache-hits: 1
x-timer: S1680303066.610543,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 264
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swwN5B029jbvYVdgStqS5kKaqbtBGeF2nR6DUqJmQFEZczzy83pwtUnUS7QJX3Li5oeSkn%2FwS4YdyW%2BupTMT70gqy9kp5CZvlr6tDd7cr6ZqZW1Fo%2BtLJZ6aVm%2BY11m9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b12f9aadfc271ec-LHR
content-encoding: br
X-Firefox-Spdy: h2
driftnet.com.ng/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
109.70.148.55 404 Not Found 2.3 kB URL HTTP/1.1 driftnet.com.ng/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash c9c5d2135b93e247cf576a712767f9dc
ce081f9241173d5eb400030f76df55f681517bc3
c6a8278df1afe15262d0726880140bb02deecec060e80feb425211f34cd6027f
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://driftnet.com.ng/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 2309
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 01 Apr 2023 18:43:01 GMT
server: LiteSpeed
driftnet.com.ng/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603
109.70.148.55 404 Not Found 2.3 kB URL HTTP/1.1 driftnet.com.ng/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash c9c5d2135b93e247cf576a712767f9dc
ce081f9241173d5eb400030f76df55f681517bc3
c6a8278df1afe15262d0726880140bb02deecec060e80feb425211f34cd6027f
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://driftnet.com.ng/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 2309
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 01 Apr 2023 18:43:01 GMT
server: LiteSpeed
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: 5d5a94f5-db2f-4c4c-9c9f-08c14b0ccd80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm7NG2NIAMF-sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751e1-57c957f442c42fe148e66831;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:25 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: KkjS04mCLqFET4v9-sePYK-zcztrds608GECT1Fxz3BEpslgxnpLOg==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:37:17 GMT
age: 75944
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfa5d643-243c-4157-97e2-d929d9b82514.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfa5d643-243c-4157-97e2-d929d9b82514.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 613b90b49678a72443e992713b7eb711
f4216e9b06d9cb62aadfafce434789a3cc5d1fe2
7cb101a12e824bf26552b2aaeb00df0e3f239c254168b9dee65192b484f1b61e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfa5d643-243c-4157-97e2-d929d9b82514.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4697
x-amzn-requestid: 800eecdb-6883-4266-a476-7e3ce7985d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ClVE3HmcoAMF9cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64253552-6ee0d63805e7a9631efa30fd;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 07:08:02 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: f6eh434UX0ff2-bARUFXdDr0W1Z78rO5MItrz39fdCpqpIVuftr4yw==
via: 1.1 304b956e2039e07753fa39109152d594.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Apr 2023 07:33:34 GMT
age: 40167
etag: "f4216e9b06d9cb62aadfafce434789a3cc5d1fe2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
driftnet.com.ng/images/favicon.gif
109.70.148.55 200 OK 2.2 kB URL HTTP/1.1 driftnet.com.ng/images/favicon.gif
IP 109.70.148.55:0
ASN #25369 Hydra Communications Ltd
File type MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Hash a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /images/favicon.gif HTTP/1.1
Host: driftnet.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://driftnet.com.ng/public/jBnXbPXbniVvqlnWsJ4HkbKKnt8qj5Si
Cookie: XSRF-TOKEN=eyJpdiI6IjBVdVl5YU9sMUJhc1NuTnplWWJZd0E9PSIsInZhbHVlIjoia0h3RkUvQTVIT1RPKzV1OGRjT2Ezb3dMTS8yeFJnZ293MmtDU2g4RktDUStkdUFmYmF0cVAzcUR5QVVWK0Q2M2NWTDBRZzJOR0RNZFNackJaR0thSmplSGphVGdLb2lxbC9HaHZaNDJ1YjBKSjdYRnhOSjNUUVJkRmhCWHloZjMiLCJtYWMiOiIyNjg0YWY4OTAwMjk4YjI5YmIxMDkwYTlkZWRlZmNkZjU2ZTY0MzNkMzU3YWRkNGZlZTY2OWM5ZWFjOTgwYTk1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxYYjFHSEljZG0xdUl6MHY5anZ6OEE9PSIsInZhbHVlIjoiTW00R0YxN3pibGxCaG9uZ3BNaTh6YXpkNjQ4SHo3WVlLMUlEdkpVR29JOGtmQ1p0Tk1VSlFnV1lLaHhEd1VxVktGRXpyTnl5L295T0YvVVh0UTVxTWc4ZG4ydHlENWJIMjVEdUV2TU85QXFsV1BVZENXNVhEckZhcTE0cWxGc1QiLCJtYWMiOiI0NDcxZjgzNjY1ZjAxYjYwN2QwMGNhYTBmMDFhNjNmMzk1OTBlNDQyYzBlYjJhYmEwNDhkMTA2YmQ0Mjc0NzA4IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 08 Apr 2023 18:43:01 GMT
content-type: image/gif
last-modified: Sun, 17 Apr 2022 21:25:28 GMT
accept-ranges: bytes
content-length: 2238
date: Sat, 01 Apr 2023 18:43:01 GMT
server: LiteSpeed
ka-f.fontawesome.com/releases/v6.4.0/webfonts/free-fa-brands-400.woff2
172.64.168.22 200 OK 108 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/webfonts/free-fa-brands-400.woff2
IP 172.64.168.22:0
File type Web Open Font Format (Version 2), TrueType, length 108012, version 772.256\012- data
Size 108 kB (108012 bytes)
Hash a9ebafc81a2234f7d34d8e6ae20f221d
71bcb6477c6196de384ae7073c8d7cada6c2560a
d77ea474f365140c7dcd30a281e4a8dd3a3d842b33440106d40dca2081ad19a7
GET /releases/v6.4.0/webfonts/free-fa-brands-400.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://driftnet.com.ng
Connection: keep-alive
Referer: http://driftnet.com.ng/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:43:01 GMT
content-type: font/woff2
content-length: 108012
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 24 Mar 2023 05:23:18 GMT
etag: "a9ebafc81a2234f7d34d8e6ae20f221d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: kSS5z_nYyo8ytZPcmDPet6cSBMu_bsDUybexThQ_NEPzfCA62II6DQ==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmHna1ArKURkDvReSeNW6LrcaH%2BF7r%2Bc763VMv62jiTZnWAWmqSWQJZbGzDz%2BRUEywg9YtcIgqRJLzL9juwN1Tm4VbaFUGbxWtMycHQthhBMQAn45rHvKkmmKOUM8GH8nh%2BxFNVecg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b12f9aea9887720-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
35.172.255.244 101 Switching Protocols 0 B URL HTTP/1.1 ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
IP 35.172.255.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://driftnet.com.ng
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c+SXqkS34Ki82HJ/2wRwMw==
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 01 Apr 2023 18:43:01 GMT
Connection: upgrade
Server: nginx/1.17.7
Upgrade: websocket
Sec-WebSocket-Accept: kk+JZG2wl4UO2iJr2R+4Y4krTY0=
ka-f.fontawesome.com/releases/v6.4.0/webfonts/free-fa-solid-900.woff2
172.64.168.22 200 OK 150 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/webfonts/free-fa-solid-900.woff2
IP 172.64.168.22:0
File type Web Open Font Format (Version 2), TrueType, length 150120, version 772.256\012- data
Size 150 kB (150120 bytes)
Hash 47c0d51ac60ec37c20bc6f755cc9f71b
faac9f42942099b59f55bcf31a97d8c322a0b62c
b1ed5cd319e1b6bcac2b0d2ab3ebe5474d72327ef3d700fd553f4cf1b5d23a35
GET /releases/v6.4.0/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://driftnet.com.ng
Connection: keep-alive
Referer: http://driftnet.com.ng/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:43:01 GMT
content-type: font/woff2
content-length: 150120
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 24 Mar 2023 05:23:18 GMT
etag: "47c0d51ac60ec37c20bc6f755cc9f71b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 7285dbd4c05f1133ea7048c8307b03ee.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: XS0dRuu4sa7_eIVZ2fwP6n_b-jUc-C8YN4erNbI4ZeWPwf5UfSHwcg==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4MxVlJts7WXNptXn%2FWnzcH59vmBDd%2B3WL8cBFPbzZP03Una6xkpZwA4WkBtdTnLIN%2BNLEFeqDLMYaCtIwlITJW3wA8GUwtCaJGIvl6QSIPvBYjKmUwOYO6pgNc%2FnGvYqpHDvBu1gA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b12f9aea9897720-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0ba3d9a55e767adc3c2007ecc43f82c1
d956c5d4a3ff90c2a09342ae01a5234c3d1b695a
daf14a1220e5fa4308433362540f12c2a9f38da32940525b52819f6e7ac2e35b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAF14A1220E5FA4308433362540F12C2A9F38DA32940525B52819F6E7AC2E35B"
Last-Modified: Thu, 30 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4595
Expires: Sat, 01 Apr 2023 19:59:39 GMT
Date: Sat, 01 Apr 2023 18:43:04 GMT
Connection: keep-alive
static.hotjar.com/c/hotjar-2895475.js?sv=6
54.230.111.113 200 OK 3.7 kB URL HTTP/2 static.hotjar.com/c/hotjar-2895475.js?sv=6
IP 54.230.111.113:0
File type ASCII text, with very long lines (7815)
Hash a4d3280c8f5006dc123ec9144e636731
51b5b6613e5b6e07e48d9e593310b717cce9e103
700698c71d5f1b052d53ffcc3b01919657e3d5c2705d7eb4f73588804bbef26d
GET /c/hotjar-2895475.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://driftnet.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sat, 01 Apr 2023 18:43:01 GMT
cache-control: max-age=60
etag: W/2ccf72e3249df3c2d53d0325d3a39879
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ei11eamQF349XR0WYQ-lLVhGKdjhUDpM_scS8JHpYzj0jCLiSogOLA==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5464d27-4a65-4ce5-81dc-c2d73690f9ea.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5464d27-4a65-4ce5-81dc-c2d73690f9ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7a1cb3f6466e8edda3a9812c683f298
2e0415c7cbceef918add7de96c1f35393b499d49
43fdd189ffa0b3323cea6113bc4b8f4a55baf4acd869a79f5b1bf988dd82620f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5464d27-4a65-4ce5-81dc-c2d73690f9ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9166
x-amzn-requestid: e6475900-b87a-4e72-8196-42fd6589cfc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm7BFw-oAMF-sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751df-519756f52943cf855b4e0bf7;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: vnxCcZzVTM1zw9mRBX4PmoE_eQTgWWTPZM-hhijOiWYRjnyf-8hhjg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 22:00:03 GMT
age: 74585
etag: "2e0415c7cbceef918add7de96c1f35393b499d49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=f7165dd215
172.64.168.22 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=f7165dd215
IP 172.64.168.22:0
GET /releases/v6.4.0/css/free-v5-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://driftnet.com.ng/
Origin: http://driftnet.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:43:01 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
etag: W/"5856e3f07fbc36fc4d430a95a577a87f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 f40585e1285ddfba696e566c1dd902de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: XpSX4jIfamtjCQuuEL7cV8qHvUsacUo6PjiA-yjPs8EZrmVC_ZNHHQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCvJUQyTM43ocIFEnluB7WEb0waZ%2FXzY6soi9LkKpO4c9XEc5N0Wg0k7%2BkA0ofByXw4Fu1HdZXLcgMgBydGggi%2FpUNFCZ8NbhfKFAihlMm0A0fr%2FWwQcUyxUWR3iJXI6LJtHwZWjwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b12f9ab8b987720-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-font-face.min.css?token=f7165dd215
172.64.168.22 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-font-face.min.css?token=f7165dd215
IP 172.64.168.22:0
GET /releases/v6.4.0/css/free-v4-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://driftnet.com.ng/
Origin: http://driftnet.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:43:01 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
etag: W/"9e7f9f634ace089bcdacc3fcc5f23ce5"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fd0747792998e84c93905ff27ba05f7c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: VHZzJ8Sh0CrS3BjNNS7_yf2CVksk-4TknCqmIzN79YkvstNvEIL-tQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfb4kozPVnf%2FlGcAVta3T%2BARxSn6nMNvsx1S%2FtG0EgmvaDvmV0EkkRkUqtXWCAjiMv7YwrnB%2F%2FJWkonKfz6IAwyNAkzIMllKwanIBdhuVzrO9U%2FOfABDhDTHimksazxK5PESi%2F2cBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b12f9ab9bb57720-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
files.killbot.org/.cdn-cgi/killbot-security.js
104.21.11.160 404 Not Found 0 B URL HTTP/2 files.killbot.org/.cdn-cgi/killbot-security.js
IP 104.21.11.160:0
GET /.cdn-cgi/killbot-security.js HTTP/1.1
Host: files.killbot.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://driftnet.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 01 Apr 2023 18:43:00 GMT
content-type: text/html
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
cache-control: max-age=14400
cf-cache-status: HIT
age: 177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FyGlG3dkFRcDi62Xs%2Bs2K1Y5eYhuGVHoPBsbPBfsBWlngPHjgTZNPoeEFcfh4YE4lq55ND%2BHJ1ZOXLLAP%2FXMmTManaLTma0948OL6Woqcf%2BNVVAmxPC9JW9kmrf9OsiF0GpnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b12f9a71f0fb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=f7165dd215
172.64.168.22 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=f7165dd215
IP 172.64.168.22:0
GET /releases/v6.4.0/css/free.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://driftnet.com.ng/
Origin: http://driftnet.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:43:01 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:21 GMT
etag: W/"5febfb939e2fc4ddf14fffae53b72cf0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee8862e43d7837ef5478becfe2eb7116.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: TocZ8Yj7NZvjmY8yWcjWY1HCgw3Ws90U0yWCdj3jLvwioYUvCdVbGQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdTtWomxEYvGfaq9sbOKdw16uNuiNT%2F16rXdALrJidNfuboGl7XDfCQuQuK%2BgidQGljO6majbQQYDE%2F6p4AWGlzyexFLRk%2FE5b8%2BB%2FFuTyqjZ1vLoKltoL5yJjUsxvS6ehI5eLu4lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b12f9ab7b807720-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2