www.googletagmanager.com/gtag/js?id=G-L60BLEXP3N
142.250.74.168200 OK 80 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-L60BLEXP3N
IP 142.250.74.168:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (3288)
Hash eeaa140d3eae2b539c7cf54b33dcca36
ccdf18a0be6ba65a573f8608cf8fd8c0dcd268bd
f691105620ea637071268aa41f7458a514f657048c0f72a6475cb7f296519724
GET /gtag/js?id=G-L60BLEXP3N HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Jun 2023 23:26:25 GMT
expires: Mon, 05 Jun 2023 23:26:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80471
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dhlmvp.webauthor.com/dhlvault/2569/DHLLogo.png
104.17.67.55200 OK 1.2 kB URL GET HTTP/3 dhlmvp.webauthor.com/dhlvault/2569/DHLLogo.png
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type PNG image data, 209 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash dcb51d6bd4d8e008bf8c2c7aca21e069
279baeea6979fffa076ef988351289e78374c9c7
51a0391f49a04e45c9e5abb55433906fd5702dd04ab8505e6c2b97965f83c6da
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /dhlvault/2569/DHLLogo.png HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: image/png
content-length: 1193
access-control-allow-methods: GET, POST, PUT, HEAD, ACCEPT, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Mon, 03 Dec 2018 15:20:22 GMT
etag: "4a9-57c1fb0039728"
access-control-allow-origin: *
cf-cache-status: MISS
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e318f3eb4f1-OSL
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/dhlvault/2569/DHL-logo-transparent.png
104.17.67.55200 OK 5.0 kB URL GET HTTP/3 dhlmvp.webauthor.com/dhlvault/2569/DHL-logo-transparent.png
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type PNG image data, 195 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash bfcd6758f857e116d404d4e56706a209
c4f143b42df5703c57b6fc38e24417cc344b7eec
71dafed56fd4792d1c7f456ba8158e35aee287213536d4fc6e90f54eac76fd8d
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /dhlvault/2569/DHL-logo-transparent.png HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: image/png
content-length: 4995
access-control-allow-methods: GET, POST, PUT, HEAD, ACCEPT, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 18 Nov 2014 18:51:30 GMT
etag: "1383-5082695539f58"
access-control-allow-origin: *
cf-cache-status: MISS
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e318f3db4f1-OSL
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/theme/xm-3/css/pre-bootstrap.css?ver=20181109-a
104.17.67.55200 OK 29 B URL GET HTTP/3 dhlmvp.webauthor.com/lib/theme/xm-3/css/pre-bootstrap.css?ver=20181109-a
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 382807ffdeccd4e4b08bcf59ab6ac21c
f1c91dbc8d21fc3a35441ec912eeb3eb849c8179
79008c8cb5b0a1eed4d9c9daeea8e8f319339092a953f5a0b048e1ca6e88eb69
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/theme/xm-3/css/pre-bootstrap.css?ver=20181109-a HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
content-length: 29
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=33
etag: "21-5549796633bae"
last-modified: Tue, 18 Jul 2017 13:35:23 GMT
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e312ee4b4f1-OSL
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/jquery-ui/jquery-ui.min.js
104.17.67.55200 OK 75 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/jquery-ui/jquery-ui.min.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (32074)
Hash c15b1008dec3c8967ea657a7bb4baaec
78489e580adaef931e6e5b131dab556c397e4a1a
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/jquery-ui/jquery-ui.min.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:26 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Sun, 12 Jul 2020 14:15:49 GMT
etag: W/"3dee5-5aa3f35fd2f40-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1
expires: Tue, 04 Jun 2024 23:26:26 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e3539e4b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/theme/xm-3/fonts/icomoon.ttf?9stjqj
104.17.67.55200 OK 4.5 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/theme/xm-3/fonts/icomoon.ttf?9stjqj
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash a3785b54d1213ecae7429cc0601ad0bc
5253a130316c5651d88fb91fbdefd913ec03ea2b
109ddfc3e72208023d1fc662e7d1449da32058cd0a060dc03069134a4d0db0c5
GET /lib/theme/xm-3/fonts/icomoon.ttf?9stjqj HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/lib/theme/xm-3/css/main.css?ver=20230501-A
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:26 GMT
content-type: application/font-sfnt
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Wed, 05 Jul 2017 03:15:20 GMT
etag: W/"18e0-5538968f5262e"
access-control-allow-origin: *
cf-cache-status: MISS
expires: Tue, 04 Jun 2024 23:26:26 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e361a7fb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/vault/2569/ADMIN/images/icons/favicon-192-dhl.png
104.17.67.55200 OK 4.4 kB URL GET HTTP/3 dhlmvp.webauthor.com/vault/2569/ADMIN/images/icons/favicon-192-dhl.png
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 1756bcbb7f4a59a80185ec3b6083f2ba
b0b23b24b9ea03fa2c789e6259adb51d2fde27fb
aed09b74e8ac65d2afc4c7bce4c778fa4b82f7cdee0ed518e3ee1f236dbec69a
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /vault/2569/ADMIN/images/icons/favicon-192-dhl.png HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=; _ga_L60BLEXP3N=GS1.1.1686007585.1.0.1686007585.0.0.0; _ga=GA1.1.478988881.1686007586
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:26 GMT
content-type: image/png
content-length: 4434
access-control-allow-methods: GET, POST, PUT, HEAD, ACCEPT, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Thu, 24 Oct 2019 12:15:54 GMT
etag: "1152-595a6fec0cbd8"
accept-ranges: bytes
access-control-allow-origin: *
set-cookie: AWSALBTG=sFmyt0IWAT1SBAdEWvzHyfsdL+lgIpp//IT38yn5VmD37nW5xHbbo43m/Y3BFBVY/wux3Ue87Zq0N17hVYdws264k9h66o7eli0IPVi0yWZ2s8UQ1SzO9UA0sAZmpZ+DykwqWNkNFHtJ/dVTdPeShB7WrLcpUF6HyxMuzoAcBfsiFUyZqV0=; Expires=Mon, 12 Jun 2023 23:26:26 GMT; Path=/
AWSALBTGCORS=sFmyt0IWAT1SBAdEWvzHyfsdL+lgIpp//IT38yn5VmD37nW5xHbbo43m/Y3BFBVY/wux3Ue87Zq0N17hVYdws264k9h66o7eli0IPVi0yWZ2s8UQ1SzO9UA0sAZmpZ+DykwqWNkNFHtJ/dVTdPeShB7WrLcpUF6HyxMuzoAcBfsiFUyZqV0=; Expires=Mon, 12 Jun 2023 23:26:26 GMT; Path=/; SameSite=None
AWSALB=y5GYs+GF+9Jr4d7Re3r5VBvynQ6p2uvQXjRuyIsG3TahIA/yvC4pXr4eEofNySyEmb5cxGW0DX47cZoYtc1BrJN8JAooXKspO3a0h+pESVzdMdwwPifCqtD6C8Xp; Expires=Mon, 12 Jun 2023 23:26:26 GMT; Path=/
AWSALBCORS=y5GYs+GF+9Jr4d7Re3r5VBvynQ6p2uvQXjRuyIsG3TahIA/yvC4pXr4eEofNySyEmb5cxGW0DX47cZoYtc1BrJN8JAooXKspO3a0h+pESVzdMdwwPifCqtD6C8Xp; Expires=Mon, 12 Jun 2023 23:26:26 GMT; Path=/; SameSite=None
cf-cache-status: DYNAMIC
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e37cb7eb4f1-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhlmvp.webauthor.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 16:35:19 GMT
expires: Thu, 30 May 2024 16:35:19 GMT
cache-control: public, max-age=31536000
age: 456667
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhlmvp.webauthor.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 16:35:19 GMT
expires: Thu, 30 May 2024 16:35:19 GMT
cache-control: public, max-age=31536000
age: 456667
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhlmvp.webauthor.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 16:35:19 GMT
expires: Thu, 30 May 2024 16:35:19 GMT
cache-control: public, max-age=31536000
age: 456667
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhlmvp.webauthor.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 16:35:19 GMT
expires: Thu, 30 May 2024 16:35:19 GMT
cache-control: public, max-age=31536000
age: 456667
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dhlmvp.webauthor.com/lib/com/tippy/light.css
104.17.67.55200 OK 331 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/tippy/light.css
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (691), with no line terminators
Size 331 kB (331144 bytes)
Hash 8798d22d8ad5c94a98db60df68c8debb
107e9a9c4b5a9fd7d1e8e7d17dd82c40d33285ad
c9ef454615fbb43862cedc020f52eaea3d6dab3fd0c67d70b96c6aa938593ab8
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/tippy/light.css HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Thu, 16 Feb 2023 20:03:35 GMT
etag: W/"2b3-5f4d6b119f3c0-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e319f4ab4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/theme/xm-3/css/login.css?ver=20200527-a
104.17.67.55200 OK 1.0 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/theme/xm-3/css/login.css?ver=20200527-a
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (1043), with no line terminators
Hash ee78cd3f7fda36017a2427b797b785a7
eaaac1bd395f65604cec6d379ef3f282b366be9e
5cac0c43ac7a2a1b1f75879171cc24709622875d25155cae3a1a1cd6195fefe6
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/theme/xm-3/css/login.css?ver=20200527-a HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=1234
etag: W/"4d2-5a6a16e613c75-gzip"
last-modified: Wed, 27 May 2020 13:45:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e316f18b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/vault/2569/ADMIN/images/icons/favicon-16-dhl.png
104.17.67.55200 OK 579 B URL GET HTTP/3 dhlmvp.webauthor.com/vault/2569/ADMIN/images/icons/favicon-16-dhl.png
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 096474208de547ebbd8f1b83a795cce9
c5dec1e3e04e63642dede19ece95ab33d0a6bc8b
02fa034929598c47635ce118c6e6912fdc70980c1f027310162236ff8dd201c1
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /vault/2569/ADMIN/images/icons/favicon-16-dhl.png HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=; _ga_L60BLEXP3N=GS1.1.1686007585.1.0.1686007585.0.0.0; _ga=GA1.1.478988881.1686007586
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:26 GMT
content-type: image/png
content-length: 579
set-cookie: AWSALBTG=ZNiO+kTvIPwRuP9yCayEPo/CwfW27Hh98EaALufX/0YPHper3BZw7myXPalU/bNuE4xE4dunWnrlW9aWr3A6x93dr66LZImM0PVZCLQjO4efceCELB1Fk2PUEx33mxVu4EBXEoRoKX9R9VVCq6QJ5FcypEETvwwLwwmg/K3uWBFK2jElqfA=; Expires=Mon, 12 Jun 2023 23:26:26 GMT; Path=/
AWSALBTGCORS=ZNiO+kTvIPwRuP9yCayEPo/CwfW27Hh98EaALufX/0YPHper3BZw7myXPalU/bNuE4xE4dunWnrlW9aWr3A6x93dr66LZImM0PVZCLQjO4efceCELB1Fk2PUEx33mxVu4EBXEoRoKX9R9VVCq6QJ5FcypEETvwwLwwmg/K3uWBFK2jElqfA=; Expires=Mon, 12 Jun 2023 23:26:26 GMT; Path=/; SameSite=None
AWSALB=qllFdhOOZRM4iu+kLVpetYIM3ZY8J6jmZPjfH18Twz/vf+GjB3HQ5h8Vw4X5ql8Mu6sCCRYn5j5albhZ2j6p0MxWfyKukd0nD4mkK2VznVnYeMPmWXeU0VR8S3vi; Expires=Mon, 12 Jun 2023 23:26:26 GMT; Path=/
AWSALBCORS=qllFdhOOZRM4iu+kLVpetYIM3ZY8J6jmZPjfH18Twz/vf+GjB3HQ5h8Vw4X5ql8Mu6sCCRYn5j5albhZ2j6p0MxWfyKukd0nD4mkK2VznVnYeMPmWXeU0VR8S3vi; Expires=Mon, 12 Jun 2023 23:26:26 GMT; Path=/; SameSite=None
access-control-allow-methods: GET, POST, PUT, HEAD, ACCEPT, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Thu, 24 Oct 2019 12:15:53 GMT
etag: "243-595a6feb5cf58"
accept-ranges: bytes
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e37cb80b4f1-OSL
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/fontawesome/6.1.2/css/v4-shims.min.css?ver=20220818-A
104.17.67.55200 OK 27 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/fontawesome/6.1.2/css/v4-shims.min.css?ver=20220818-A
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (27247)
Hash cac33ad0f5431d6f86b27f411b87d889
67f167c47e7644220bb9a260030ff6df56de4d83
975b5b901fb009fb4181e8d20af41d9891ca7d2f3b9cb8c8e0d161b115f11a8e
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/fontawesome/6.1.2/css/v4-shims.min.css?ver=20220818-A HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Mon, 25 Jul 2022 18:21:36 GMT
etag: W/"6b1f-5e4a541122c00-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e312ee3b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/jquery/jquery.reject.js
104.17.67.55200 OK 18 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/jquery/jquery.reject.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 1a97989179d5d40d140e9bfa3bc17ab5
4bde960bb4f832c5b4310274881e3e2eb0bb2c3d
cae607e63e1e960ffda90c9c316b1402c2eda219d542844b79cded2946a80849
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/jquery/jquery.reject.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Fri, 16 Nov 2018 19:34:33 GMT
etag: W/"460c-57acd41ba063e-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e318f47b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/web-component/module.js?ver=20230111-F
104.17.67.55200 OK 693 B URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/web-component/module.js?ver=20230111-F
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (777), with no line terminators
Hash 84e418cd2d1e7525712d0934e5a04f1c
1eb4bdec27b29118501c63b224bd333d6ec67a94
a2a8f8ac9a8e5841d05b226dfc54f64dcc4aa2300e0690bf48dd19229f3d3b2b
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/web-component/module.js?ver=20230111-F HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Wed, 11 Jan 2023 05:29:58 GMT
etag: W/"2b5-5f1f64a848180-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e318f3cb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/jquery/jquery.reject.css
104.17.67.55200 OK 1.9 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/jquery/jquery.reject.css
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (2101), with no line terminators
Hash 5156b5664725fcfcf96fb1bbf6ce113f
8d20abe34292408ed127f8858a65d3d28766af48
70a3ecd2ab9b01e2f30e1e34c157f060c15557b2d1970cbd38cf7c4326d526d3
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/jquery/jquery.reject.css HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Fri, 16 Nov 2018 19:34:32 GMT
etag: W/"774-57acd41b6a07f-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e318f43b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/jquery/jquery-ui-bootstrap/css/custom-theme/jquery-ui-1.10.0.custom.css
104.17.67.55200 OK 60 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/jquery/jquery-ui-bootstrap/css/custom-theme/jquery-ui-1.10.0.custom.css
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
Hash a2c9de1b9569d4e020aa83548a2ca90b
5274e677fb1905beac2b2973b492a92d4c3f1df5
2db566cf4729c13727505330cba93e13986c3b0b587b469d228cba59b81a80c6
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/jquery/jquery-ui-bootstrap/css/custom-theme/jquery-ui-1.10.0.custom.css HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Mon, 17 Jul 2017 05:15:30 GMT
etag: W/"ec26-5547c7ccc6080-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e312eecb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/bootstrap/js/bootstrapx-clickover.js?ver=20181031-a
104.17.67.55200 OK 3.6 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/bootstrap/js/bootstrapx-clickover.js?ver=20181031-a
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (3593), with no line terminators
Hash a7e7d2b2ad3d5be5820ea281ec731ea5
a555636fc335e2c2f6888be41c27c72559851157
c15b962d541300ad1fe3dc2c9c5663c6ccac09d94732c6251aec44fe2573ee3d
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/bootstrap/js/bootstrapx-clickover.js?ver=20181031-a HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=7511
etag: W/"1d57-4cb3eb7dd7f00-gzip"
last-modified: Thu, 04 Oct 2012 17:02:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e317f2eb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/tippy/tippy-bundle.umd.min.js
104.17.67.55200 OK 24 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/tippy/tippy-bundle.umd.min.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (23467), with no line terminators
Hash 4134b26303b80c32a68dea0a04e67853
0b1cbeae4aee1af8bbbcc801f64999aaf18528be
ff0ad3778325a082260ff1e327c66bcc613e166877c045a4474a65e587e5ca4d
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/tippy/tippy-bundle.umd.min.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Tue, 28 Jul 2020 17:49:23 GMT
etag: W/"5bab-5ab840f394ec0-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e317f33b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/theme/xm-3/js/footer.js
104.17.67.55200 OK 1.0 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/theme/xm-3/js/footer.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (1113), with no line terminators
Hash 3cd06336d9c83d93b1b27419d6791b6f
4fded0feb8a7f0e141a8580d2c5cd849a4673bf5
1629653c123cdce0f46b6f64293c49ef619cd9a9fab608dc2cff1c27909c6ee0
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/theme/xm-3/js/footer.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Sat, 25 Feb 2023 17:03:54 GMT
etag: W/"3f8-5f5893b135280-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e319f4eb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.138200 OK 13 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.138:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (2134)
Hash 7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 16:30:37 GMT
expires: Wed, 29 May 2024 16:30:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 543349
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dhlmvp.webauthor.com/lib/theme/xm-3/css/bootstrap-extended.css?ver=20181109-a
104.17.67.55200 OK 121 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/theme/xm-3/css/bootstrap-extended.css?ver=20181109-a
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
Size 121 kB (120699 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lib/theme/xm-3/css/bootstrap-extended.css?ver=20181109-a HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=150422
etag: W/"24b96-57484e7472629-gzip"
last-modified: Tue, 28 Aug 2018 20:44:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e312ee8b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/theme/xm-3/polymer/bower_components/webcomponentsjs/webcomponents-lite.min.js
104.17.67.55200 OK 40 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/theme/xm-3/polymer/bower_components/webcomponentsjs/webcomponents-lite.min.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/theme/xm-3/polymer/bower_components/webcomponentsjs/webcomponents-lite.min.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Wed, 05 Jul 2017 03:17:49 GMT
etag: W/"9e63-5538971e41caa-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e315f09b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/web-component/module.js?ver=20230111-F
104.17.67.55200 OK 693 B URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/web-component/module.js?ver=20230111-F
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (777), with no line terminators
Hash 84e418cd2d1e7525712d0934e5a04f1c
1eb4bdec27b29118501c63b224bd333d6ec67a94
a2a8f8ac9a8e5841d05b226dfc54f64dcc4aa2300e0690bf48dd19229f3d3b2b
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/web-component/module.js?ver=20230111-F HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Wed, 11 Jan 2023 05:29:58 GMT
etag: W/"2b5-5f1f64a848180-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e315f14b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/fontawesome/6.1.2/webfonts/fa-solid-900.woff2
104.17.67.55200 OK 331 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/fontawesome/6.1.2/webfonts/fa-solid-900.woff2
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 330908, version 769.1280\012- data
Size 331 kB (330908 bytes)
Hash 42195a0dac2e817c29aaf70af8c8be00
1cefda2483c5e09657ac728f1e22c90e6623c4c7
417c616e19d66e8bccb08ec8c47415c7f815453580e13ee9c58eb56f9ff6eccf
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/fontawesome/6.1.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/lib/com/fontawesome/6.1.2/css/all.min.css?ver=20220818-A
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:26 GMT
content-length: 330908
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Mon, 25 Jul 2022 18:21:37 GMT
etag: "50c9c-5e4a541216e40"
access-control-allow-origin: *
cf-cache-status: MISS
expires: Tue, 04 Jun 2024 23:26:26 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e367ab1b4f1-OSL
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/theme/xm-3/js/jquery.main.js?ver=20230513-A
104.17.67.55200 OK 112 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/theme/xm-3/js/jquery.main.js?ver=20230513-A
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (2777)
Size 112 kB (111562 bytes)
Hash 4bb58b3344ac7629dc2d7a5c4c7ff8b8
6ed6f8f31d0fb4f7eaff3eac9b872c892d5e9331
a8a92a9317ea725c1735d76ed593f952a992fb5c16bd81a4e2f270167d51dd9d
GET /lib/theme/xm-3/js/jquery.main.js?ver=20230513-A HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=140470
etag: W/"224b6-5fb9aaeb22880-gzip"
last-modified: Sat, 13 May 2023 22:24:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e315f0fb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/jquery/sticky.js
104.17.67.55200 OK 3.3 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/jquery/sticky.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (3937), with no line terminators
Hash 3e5497230c3313df49af2129149502b6
d743e166fd2a606e769b0ed2a6c55b0e545a74f7
9e2aa9095c9be083e07da8ac9c52b0ccf457963271a9c434c4f07c98e5951fc0
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/jquery/sticky.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Fri, 16 Nov 2018 19:35:04 GMT
etag: W/"cf4-57acd439ccaf9-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e316f1ab4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/bootstrap/bootbox-3.3.0.min.js?ver=20181031-a
104.17.67.55200 OK 6.2 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/bootstrap/bootbox-3.3.0.min.js?ver=20181031-a
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (6464), with no line terminators
Hash a222be5c5fd1df592944ab9b38081440
ff4f8b8b4ec7f32d856ee733a5022f9064b987bf
fa2c845695570e53815fe52dcb3471881e91a2cb2176491af80a2b6882e43600
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/bootstrap/bootbox-3.3.0.min.js?ver=20181031-a HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Fri, 29 Apr 2016 13:15:15 GMT
etag: W/"1830-5319f6efa1ec0-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e317f2db4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
104.17.67.55200 OK 27 kB URL User Request GET HTTP/3 dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
IP 104.17.67.55:443
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8180), with CRLF, LF line terminators
Hash 7f41ad097ffdc4c62157f4cc181b6e3c
c39bfebda53b1356c6fecf1f5a6092544588308f
8b6f2962ca3113e705392390a96155a6e76201af542a987abbe6f6755fc4522c
GET /auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/modules/portal/default.cfm
Cookie: AWSALB=3jNc3MhlRdczdcv7EOQOS2I30JMunDLAQDVSCCmWBAR5kAK3ZE+C+syirGoEgwomTcUVN8RH0MGeT61tppGmcF+Ic5i3eXgZ0DzyLUzRudK7fNIvuZUT49Vkmgk8; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/html;charset=UTF-8
set-cookie: AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=; Expires=Mon, 12 Jun 2023 23:26:25 GMT; Path=/
AWSALBTGCORS=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=; Expires=Mon, 12 Jun 2023 23:26:25 GMT; Path=/; SameSite=None
AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; Expires=Mon, 12 Jun 2023 23:26:25 GMT; Path=/
AWSALBCORS=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; Expires=Mon, 12 Jun 2023 23:26:25 GMT; Path=/; SameSite=None
xmserver=LX%2D135%2D225; Path=/coldfusion; Secure; HttpOnly; SameSite=Lax;Secure;SameSite=None
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS, GET, HEAD, PUT, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-credentials: true
x-served-by: LX-135-225
content-language: en-US
link: </lib/com/fontawesome/6.1.2/css/all.min.css?ver=20220818-A>;rel="preload";as="style",</lib/com/fontawesome/6.1.2/css/v4-shims.min.css?ver=20220818-A>;rel="preload";as="style",</lib/com/fontawesome/6.1.2/css/v4-shims.min.css?ver=20220818-A>;rel="preload";as="style",</lib/theme/xm-3/css/pre-bootstrap.css?ver=20181109-a>;rel="preload";as="style",</lib/theme/xm-3/css/pre-bootstrap.css?ver=20181109-a>;rel="preload";as="style",</lib/theme/xm-3/css/bootstrap-extended.css?ver=20181109-a>;rel="preload";as="style",</lib/theme/xm-3/css/bootstrap-extended.css?ver=20181109-a>;rel="preload";as="style",</lib/jquery/jquery-ui-bootstrap/css/custom-theme/jquery-ui-1.10.0.custom.css>;rel="preload";as="style",</lib/jquery/jquery-ui-bootstrap/css/custom-theme/jquery-ui-1.10.0.custom.css>;rel="preload";as="style",</lib/theme/xm-3/css/main.css?ver=20230501-A>;rel="preload";as="style",</lib/theme/xm-3/css/main.css?ver=20230501-A>;rel="preload";as="style",</lib/theme/xm-3/css/dark-mode.css?ver=20221014-A>;rel="preload";as="style",</lib/theme/xm-3/css/dark-mode.css?ver=20221014-A>;rel="preload";as="style",</lib/theme/xm-3/polymer/bower_components/webcomponentsjs/webcomponents-lite.min.js>;rel="preload";as="script",</lib/theme/xm-3/polymer/bower_components/webcomponentsjs/webcomponents-lite.min.js>;rel="preload";as="script",</lib/jquery/jquery-3.5.1.min.js>;rel="preload";as="script",</lib/jquery/jquery-3.5.1.min.js>;rel="preload";as="script",</lib/com/jquery-ui/jquery-ui.min.js>;rel="preload";as="script",</lib/com/jquery-ui/jquery-ui.min.js>;rel="preload";as="script",</lib/com/moment/moment.js>;rel="preload";as="script",</lib/com/moment/moment.js>;rel="preload";as="script",</lib/bootstrap/js/bootstrap-3.4.1.js>;rel="preload";as="script",</lib/bootstrap/js/bootstrap-3.4.1.js>;rel="preload";as="script",</lib/theme/xm-3/js/jquery.main.js?ver=20230513-A>;rel="preload";as="script",</lib/theme/xm-3/js/jquery.main.js?ver=20230513-A>;rel="preload";as="script",</lib/tag/xm/inc/xm.2.0.js?ver=20230605-A>;rel="preload";as="script",</lib/tag/xm/inc/xm.2.0.js?ver=20230605-A>;rel="preload";as="script",</lib/com/web-component/module.js?ver=20230111-F>;rel="preload";as="script",</lib/com/web-component/module.js?ver=20230111-F>;rel="preload";as="script",</lib/com/toggle/css/switcher.css?ver=20220322-A>;rel="preload";as="style",</lib/com/toggle/js/jquery.switcher.webauthor.js?ver=20221122-C>;rel="preload";as="script",</lib/com/toggle/js/jquery.switcher.webauthor.js?ver=20221122-C>;rel="preload";as="script",</lib/theme/xm-3/css/login.css?ver=20200527-a>;rel="preload";as="style",</lib/theme/xm-3/css/login.css?ver=20200527-a>;rel="preload";as="style",</lib/jquery/sticky.css>;rel="preload";as="style",</lib/jquery/sticky.css>;rel="preload";as="style",</lib/jquery/sticky.js>;rel="preload";as="script",</lib/jquery/sticky.js>;rel="preload";as="script",</lib/jquery/jquery.toast.min.css>;rel="preload";as="style",</lib/jquery/jquery.toast.min.css>;rel="preload";as="style",</lib/jquery/jquery.toast.min.js>;rel="preload";as="script",</lib/jquery/jquery.toast.min.js>;rel="preload";as="script",</lib/bootstrap/js/bootstrap.xm.min.js?ver=20181031-a>;rel="preload";as="script",</lib/bootstrap/js/bootstrap.xm.min.js?ver=20181031-a>;rel="preload";as="script",</lib/bootstrap/bootbox-3.3.0.min.js?ver=20181031-a>;rel="preload";as="script",</lib/bootstrap/bootbox-3.3.0.min.js?ver=20181031-a>;rel="preload";as="script",</lib/bootstrap/js/bootstrapx-clickover.js?ver=20181031-a>;rel="preload";as="script",</lib/bootstrap/js/bootstrapx-clickover.js?ver=20181031-a>;rel="preload";as="script",</lib/js/store.modern.min.js>;rel="preload";as="script",</lib/js/store.modern.min.js>;rel="preload";as="script",</lib/com/popper/popper.min.js>;rel="preload";as="script",</lib/com/popper/popper.min.js>;rel="preload";as="script",</lib/com/tippy/tippy-bundle.umd.min.js>;rel="preload";as="script",</lib/com/tippy/tippy-bundle.umd.min.js>;rel="preload";as="script",</lib/js/emodal.min.js>;rel="preload";as="script",</lib/js/emodal.min.js>;rel="preload";as="script",</lib/com/fancybox/jquery.fancybox.min.css>;rel="preload";as="style",</lib/com/fancybox/jquery.fancybox.min.css>;rel="preload";as="style",</lib/com/fancybox/jquery.fancybox.min.js>;rel="preload";as="script",</lib/com/fancybox/jquery.fancybox.min.js>;rel="preload";as="script"
server-timing: request;dur=19
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e2fcdeeb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/toggle/css/switcher.css?ver=20220322-A
104.17.67.55200 OK 921 B URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/toggle/css/switcher.css?ver=20220322-A
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (922), with no line terminators
Hash 08bd0408be3bded4a89919b6f6c53bab
6f08804bcc5b072ed3c4ff3a51061e051d973aab
90ff62cbe398baac0f9c26905a1d8bd3721fbf8e4acbff721c5e55c15ea9985e
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/toggle/css/switcher.css?ver=20220322-A HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=1168
etag: W/"490-5dad164759200-gzip"
last-modified: Tue, 22 Mar 2022 16:49:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e315f16b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/popper/popper.min.js
104.17.67.55200 OK 18 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/popper/popper.min.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (17965)
Hash f702faada54ed2da6a6829fc1ab55762
23736340a0a40c8ae976e9c7335ffa4ea8c49859
754b79cd9a82e7526c5614ebb0e249fb021df7c3c48e5c3c9ea1bdbf69255a3b
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/popper/popper.min.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Tue, 28 Jul 2020 17:48:24 GMT
etag: W/"4684-5ab840bb50a00-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e317f32b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/fancybox/jquery.fancybox.min.css
104.17.67.55200 OK 14 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/fancybox/jquery.fancybox.min.css
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (13841), with no line terminators
Hash 0b8a5b13275298e7568eb7f0c40865d2
2e6a66987dbc7a57bbfd2655bce166739b4ba426
e72ac4dd95f7f11db42ea03fd4cbe1dca1c9586d47245e36aad66546d1864601
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/fancybox/jquery.fancybox.min.css HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Tue, 28 Jul 2020 17:43:50 GMT
etag: W/"3611-5ab83fb602180-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e317f37b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/moment/moment.js
104.17.67.55200 OK 98 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/moment/moment.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (1694)
Hash 083a95ff69983aa876faa422293bd927
873e0d44097de404aad72d7984db6723e6951441
fbc46737a3e71a42a1918126030d409933330fce0a151cac4de9155c2a832600
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/moment/moment.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=173824
etag: W/"2a700-5aa3f3e27a380-gzip"
last-modified: Sun, 12 Jul 2020 14:18:06 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e315f0db4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/jquery/jquery.toast.min.css
104.17.67.55200 OK 4.5 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/jquery/jquery.toast.min.css
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (4508), with no line terminators
Hash be8a6c1b1899c2ce48fdfb2d46784d30
b969813f6c8fd9ca8d1c08250303212be28aa34d
5a896b35367d958d102f97f4fd08b5cb0dd11a70cb8a0d8754b624aec866ed8d
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/jquery/jquery.toast.min.css HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Fri, 16 Nov 2018 19:34:42 GMT
etag: W/"119c-57acd4243b610-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e316f1db4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/jquery/jquery.toast.min.js
104.17.67.55200 OK 6.3 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/jquery/jquery.toast.min.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (6467), with no line terminators
Hash e3d56b3c0a8da1912250dcf1dd43c0ec
d2aa49156f557cb5b160095f1147647dbd5034c4
79282339e6819154a474929df9e14f7de886230d647d0a9b3e1241db31f4226b
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/jquery/jquery.toast.min.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Fri, 16 Nov 2018 19:34:42 GMT
etag: W/"186f-57acd42468ada-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e316f1fb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/bootstrap/js/bootstrap.xm.min.js?ver=20181031-a
104.17.67.55200 OK 25 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/bootstrap/js/bootstrap.xm.min.js?ver=20181031-a
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (24756), with no line terminators
Hash 98c7074a68967c04075e5c1daf3c0255
746525d3c44dd9814ad0aad194e83889915f2ab7
b1017f3e200ee526d1737c6fdb32596b1647422fba1bbc244580f50581e30f50
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/bootstrap/js/bootstrap.xm.min.js?ver=20181031-a HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Fri, 28 Apr 2023 19:07:58 GMT
etag: W/"60b4-5fa6a30eeff80-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e316f27b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/fancybox/jquery.fancybox.min.js
104.17.67.55200 OK 68 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/fancybox/jquery.fancybox.min.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/fancybox/jquery.fancybox.min.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Tue, 28 Jul 2020 17:43:23 GMT
etag: W/"10929-5ab83f9c424c0-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e318f3bb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/theme/xm-3/css/dark-mode.css?ver=20221014-A
104.17.67.55200 OK 8.8 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/theme/xm-3/css/dark-mode.css?ver=20221014-A
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (8845), with no line terminators
Hash 0763cbd5f18526dc466eac3362ff6a87
575869c5d072df8841d773c04cf3b8806f41dcc2
3709d66e7ce0776e6fa9c0dac9abcedfe06d080b6b02559ad8d1d0c37d379548
GET /lib/theme/xm-3/css/dark-mode.css?ver=20221014-A HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=11896
etag: W/"2e78-5eb0525acd1c0-gzip"
last-modified: Fri, 14 Oct 2022 21:17:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e315f08b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/jquery/sticky.css
104.17.67.55200 OK 1.4 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/jquery/sticky.css
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (1372), with no line terminators
Hash 9b0f965c9f501e84eb964ac047d143c4
1d69772e408b957c7c4d6e147a565ba5b9f6be8b
7e4ca6fc4bafcdc2e805dfe7bbb58eb4193f1dc5e568bd6a0426256ebadd5cde
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/jquery/sticky.css HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=1448
etag: W/"5a8-57acd439a7bb8-gzip"
last-modified: Fri, 16 Nov 2018 19:35:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e316f19b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/theme/xm-3/css/main.css?ver=20230501-A
104.17.67.55200 OK 137 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/theme/xm-3/css/main.css?ver=20230501-A
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
Size 137 kB (137277 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/theme/xm-3/css/main.css?ver=20230501-A HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=188619
etag: W/"2e0cb-5faa7b5f889c0-gzip"
last-modified: Mon, 01 May 2023 20:31:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e314f07b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/toggle/js/jquery.switcher.webauthor.js?ver=20221122-C
104.17.67.55200 OK 1.3 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/toggle/js/jquery.switcher.webauthor.js?ver=20221122-C
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (1316), with no line terminators
Hash 8f9e9dcc5572342ec6cdb0ed2dafa3d3
f566165c3978ad7ed03d694381249ca4ff3d6022
da6d75e9028acb78bad5b850ab285677357f8b10fcc93b0d46fbf84871dadac5
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/toggle/js/jquery.switcher.webauthor.js?ver=20221122-C HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=1587
etag: W/"633-5ee13ac9839c0-gzip"
last-modified: Tue, 22 Nov 2022 18:52:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e316f17b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/js/emodal.min.js
104.17.67.55200 OK 6.1 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/js/emodal.min.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (6150), with no line terminators
Hash 913b4e723a620f01e746aea1a3ebe525
613539b222ce1263ef3af4b44af89678e56ac985
e222eded09b409d352394d62db581df6acdcbd64a58f4cff78163dd70fe6d3cb
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/js/emodal.min.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Mon, 31 Aug 2020 15:45:13 GMT
etag: W/"17e4-5ae2e49c61440-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e317f35b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/tag/xm/inc/xm.2.0.js?ver=20230605-A
104.17.67.55200 OK 84 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/tag/xm/inc/xm.2.0.js?ver=20230605-A
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (3355), with CRLF, LF line terminators
Hash 8420469aaa05df9cce10ffe3a498bae9
7573bd8f8c48b365de4fc03d30f48762980205ef
9702dfb894da86c91714a2221f04d33dd433a9c51231463bf855e3cac5778c93
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/tag/xm/inc/xm.2.0.js?ver=20230605-A HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=103896
etag: W/"195d8-5fd63a686e040-gzip"
last-modified: Mon, 05 Jun 2023 15:35:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e315f12b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/js/store.modern.min.js
104.17.67.55200 OK 7.4 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/js/store.modern.min.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (7577), with no line terminators
Hash 91e1009bffcfa54623d032a5f5e88382
01c372c69efe0fb38e3ca77104aa1a1b97be703c
e3b001df984a7bd2777b2ea3f73eb3b6ee2159ca9129d13f8b785bf929e8cfeb
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/js/store.modern.min.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Wed, 30 May 2018 23:28:07 GMT
etag: W/"1cd7-56d74b40b0871-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e317f2fb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/auth/sign-in.js
104.17.67.55200 OK 1.4 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/auth/sign-in.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (1547), with no line terminators
Hash ed57dc94a067fb16b96cd74318e91973
740ea9480844f5c9b5a39f54345105635f8dfca5
7e82649e6cdd59a59a88ae46c58d1fb696069458f01bc907ec80bd83ddafb234
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/auth/sign-in.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Tue, 07 Sep 2021 13:52:56 GMT
etag: W/"55f-5cb68152f1e00-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e318f41b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/fontawesome/6.1.2/css/all.min.css?ver=20220818-A
104.17.67.55200 OK 500 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/fontawesome/6.1.2/css/all.min.css?ver=20220818-A
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (65360)
Size 500 kB (500427 bytes)
Hash ea04e273b26464f6ba72750188d6820e
100fb48714f9d095cae542668ae1fadb723c9ef5
2933c96098c15766caede229c9b8d9c97c99e710e8a3c366a73f437aeeb2db90
GET /lib/com/fontawesome/6.1.2/css/all.min.css?ver=20220818-A HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Mon, 25 Jul 2022 18:21:36 GMT
etag: W/"7a2cb-5e4a541122c00-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e311edeb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/jquery/jquery-3.5.1.min.js
104.17.67.55200 OK 90 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/jquery/jquery-3.5.1.min.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/jquery/jquery-3.5.1.min.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:26 GMT
content-type: application/javascript
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Sun, 12 Jul 2020 15:42:40 GMT
etag: W/"15d84-5aa406c96bc00-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1
expires: Tue, 04 Jun 2024 23:26:26 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e315f0bb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/bootstrap/js/bootstrap-3.4.1.js
104.17.67.55200 OK 51 kB URL GET HTTP/3 dhlmvp.webauthor.com/lib/bootstrap/js/bootstrap-3.4.1.js
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (444)
Hash 5b1b1ee1cc2f3b95318e0fde86b2ed5b
1aa2d56ceff2d2dc30933bf73b91518bdd893c80
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/bootstrap/js/bootstrap-3.4.1.js HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: application/javascript
access-control-allow-headers: accept, content-type, X-Requested-With
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=75484
etag: W/"126dc-5aa6ba10168c0-gzip"
last-modified: Tue, 14 Jul 2020 19:15:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e315f0eb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dhlmvp.webauthor.com/lib/com/tippy/material.css
104.17.67.55200 OK 619 B URL GET HTTP/3 dhlmvp.webauthor.com/lib/com/tippy/material.css
IP 104.17.67.55:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerCloudflare, Inc.
Subjectwebauthor.com
FingerprintA4:3E:EF:AE:E1:6B:63:60:45:7D:67:56:2D:AC:8B:2B:84:9C:96:E1
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (619), with no line terminators
Hash 30af13e4ae4f7ad799dd94ea4ec14dea
b735e87abcbea212a215c52910483ef53b9c82c4
688a7c06aa8fffecd1299b1a9412b047c16429e6b2f079da8f42081813898a87
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /lib/com/tippy/material.css HTTP/1.1
Host: dhlmvp.webauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Cookie: AWSALB=+SLTFPQAZVVLYuMqJuU8k0XWT4d3bBG5eFrQhY48iBjO35Ifk1iau1POfi1BDN0SbZZVbgaM+NaJ9R2LzDXmqrS5WbO0TM1xq+PIBIQv7X/+CAbdiyIXrB5AOSNK; CFID=28549; CFTOKEN=46a773a08f183bfd-8AD4EA66-B869-2F5B-E2D356762C26636E; JSESSIONID=9A638C53526F7572D0726B714E3B5F9C.cfusion; xm_start_page=%2Fmodules%2Fportal%2Fdefault%2Ecfm; AWSALBTG=VkjBo5F6vE2PPl1EHV4voEXZkLCwerIDqhkjiPwWBr70iWWr7LiEc1ICL7x2Zg2MfzHAL3OYNYL1QWeYuScbdIpTlHua+Y7iRnupGzhreYbPCelZ+3Ozpq/PMfefkaOedWKMcQJV5dsU5XtxMDKF40cT9C4mka1ZOSVi2YZGZjOnx6HHNNw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 23:26:25 GMT
content-type: text/css
access-control-allow-methods: GET, HEAD, POST, ACCEPT, OPTIONS
access-control-allow-headers: accept, content-type, X-Requested-With
last-modified: Thu, 16 Feb 2023 20:04:07 GMT
etag: W/"26b-5f4d6b3023bc0-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
expires: Tue, 04 Jun 2024 23:26:25 GMT
cache-control: public, max-age=31536000
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d2c2e319f4db4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=Nunito:300,400,600,700
142.250.74.138200 OK 6.6 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Nunito:300,400,600,700
IP 142.250.74.138:443
Requested by https://dhlmvp.webauthor.com/auth.cfm?fs=NLI&nli=true&path=%2Fmodules%2Fportal%2Fdefault%2Ecfm&sign_in=true
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (6776), with no line terminators
Hash 8e69c0b1c25629847bc004049e967f28
8737565c6c7a46e12e136aad58066e87beddff92
1a92588aa3116263fd15841b9210e6befd8bba6cf234aa3f884bbf7e0dec33ef
GET /css?family=Nunito:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlmvp.webauthor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Jun 2023 23:26:26 GMT
date: Mon, 05 Jun 2023 23:26:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000