ocsp.pki.goog/s/gts1d4/8k2S4zfl0h8
142.250.74.131 471 B URL ocsp.pki.goog/s/gts1d4/8k2S4zfl0h8
IP 142.250.74.131:0
Hash 0d2dea43801d97cf578dce2e06e1cb7a
8d54c22822bd6eadcb49fa163acf834cf6e17e25
66407793a8013abd9e26a02e3b634c2702943488715f88e2253c6f05bd1bea8b
POST /s/gts1d4/8k2S4zfl0h8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 01:30:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vawidget-us.express.dhl/latest/index.html
34.102.188.203 200 OK 5.1 kB URL GET HTTP/2 vawidget-us.express.dhl/latest/index.html
IP 34.102.188.203:443
Requested by moz-nullprincipal:{113ceece-df7f-43c7-90d2-10b361604b8a}?https://www.travailleraquebec.fr
Certificate Issuer Google Trust Services LLC
Subject vawidget.express.dhl
Fingerprint 21:E5:AB:B2:9A:B6:7A:BA:DF:A5:00:C4:C6:8E:54:D2:B8:E6:31:C8
Validity Fri, 19 May 2023 05:42:30 GMT - Thu, 17 Aug 2023 06:34:41 GMT
File type HTML document text; exported SGML document, ASCII text, with very long lines (5095), with no line terminators
Hash 5cee39ec342d4dc044d6a3472c0d88d7
06cb000582ddc26260d002c41685b11fc9434ea6
bb9bceb30d6c2e80ac3c50b220954581c27659f1c8a6af26af449b12c090b49a
GET /latest/index.html HTTP/1.1
Host: vawidget-us.express.dhl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.travailleraquebec.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtryj2sZPzvYJTxa-Iykyrx4p1jOaDiC2HdY3OjunZAIbh8bk58HtDIy-xJrys6nF_HPvDoc8s5wMZ5C_Dk4bMUnr73Tafo
x-goog-generation: 1685515889133888
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5095
x-goog-meta-goog-reserved-file-mtime: 1685514219
x-goog-hash: crc32c=+LeU8g==, md5=XO457DQtTcBE1qNHLA2I1w==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 5095
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Thu, 01 Jun 2023 01:30:50 GMT
expires: Thu, 01 Jun 2023 01:30:50 GMT
cache-control: no-cache,max-age=0
last-modified: Wed, 31 May 2023 06:51:29 GMT
etag: "5cee39ec342d4dc044d6a3472c0d88d7"
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.travailleraquebec.fr/quarantine/indexx.html
199.241.137.199 200 OK 1.2 MB URL User Request GET HTTP/2 www.travailleraquebec.fr/quarantine/indexx.html
IP 199.241.137.199:443
Certificate Issuer Let's Encrypt
Subject www.travailleraquebec.fr
Fingerprint 89:47:AF:1E:11:A5:64:5F:C8:75:F7:5A:8B:6D:A9:B3:0E:36:32:D5
Validity Tue, 11 Apr 2023 11:03:24 GMT - Mon, 10 Jul 2023 11:03:23 GMT
Size 1.2 MB (1234969 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /quarantine/indexx.html HTTP/1.1
Host: www.travailleraquebec.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.13.1
date: Thu, 01 Jun 2023 01:30:49 GMT
content-type: text/html
last-modified: Wed, 31 May 2023 14:40:19 GMT
etag: "12d819-5fcfe4c8f4c1c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
m-ship.me/sk/stara/users/
172.67.168.137 403 Forbidden 0 B URL GET HTTP/2 m-ship.me/sk/stara/users/
IP 172.67.168.137:443
Requested by https://www.travailleraquebec.fr/quarantine/indexx.html
Certificate Issuer Let's Encrypt
Subject m-ship.me
Fingerprint 3A:6A:9B:AC:77:F5:D5:6F:95:03:5E:D4:EE:0A:3A:67:EA:3C:93:24
Validity Wed, 26 Apr 2023 07:21:28 GMT - Tue, 25 Jul 2023 07:21:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert phishtank Other
GET /sk/stara/users/ HTTP/1.1
Host: m-ship.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.travailleraquebec.fr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 01 Jun 2023 01:30:49 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=15
expires: Thu, 01 Jun 2023 01:31:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7JE3QXs0Vi9erB1vxI3%2FdU7n2%2FFOXXmRvt0lwYbl1lvDNK7C%2BTRHZJiH9nb5s1UkrkUCP%2FZ7tKqp9mQIjrlGJbQ2JXuYsJPs%2BnWAkYXAlk0E2P25oFIq89bfEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d03b18d2cd6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2