Report - seatx.com/.well-known/anti/

Report Overview

Submitted URL
seatx.com/.well-known/anti/
IP
97.79.238.200
ASN
#46549 GVO
Submitted
2022-11-25 23:12:12
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - DHL

Detections

urlquery
11
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.43.228.5
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	7.0 kB	142.250.74.3
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	774 B	16 kB	142.250.74.164
seatx.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	733 B	705 B	97.79.238.200
dejongtechniek.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.9 kB	949 kB	31.25.98.74
mydhl.express.dhl	49657	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	2.9 kB	104.110.11.36
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	32 kB	142.250.74.74
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	508 B	361 kB	142.250.74.163
lh6.ggpht.com	12395	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445 B	2.9 kB	142.250.74.1
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
clients2.google.com	141	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	9.5 kB	142.250.74.142
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/	Phishing
2022-11-25	medium	dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/jquery-1.11.1.min.js	Phishing
2022-11-25	medium	dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/bootstrap.bundle.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed
2022-11-25	medium	dejongtechniek.com	Sinkholed

JavaScript (13)

	URL	Size	First Seen	Last Seen
	clients2.google.com/gr/gr_full_2.0.6.js	21 kB	2023-03-11	2024-04-23
Pretty URL clients2.google.com/gr/gr_full_2.0.6.js IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:19:02 Last Seen2024-04-23 15:57:44 Times Seen4 Hash 7edebfdd73c5ffe1aa95386bd641df09 34610b6b6aecda4a5bb766e84d407b5d0036140c 95d4300578446bf713fcf326ded94be0c3dc337a488dad7b1216220c5a099240 Loading...

	dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/	19 B	2023-03-11	2023-03-11
Pretty URL dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/ IP 31.25.98.74 ASN #48635 CLDIN B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:19:02 Last Seen2023-03-11 20:19:02 Times Seen1 Hash 8bb25caf6a37171108004571e887664d c403702e90153258b46f25d10fdfeab18aa9b6d3 7a479e97298c5ab920d7f306c7ede48856256032a8f9462b9333d1f73bff872a Loading...

	seatx.com/.well-known/anti/torsion/index.php	119 B	2023-03-11	2023-03-11
Pretty URL seatx.com/.well-known/anti/torsion/index.php IP 97.79.238.200 ASN #46549 GVO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:19:02 Last Seen2023-03-11 20:19:02 Times Seen1 Hash 1e81de6ef82bfc2c2dfe28c2be4cc732 f93496daaefd93543913cfeaa496fdf27a785c3b 456aff499d60a08478080a9bdf110f2dfd29c50df8a3e8178c2e12dbbe1fb9ba Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-24 08:14:25 Times Seen260899 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-08	2023-03-17
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash a6d9f11246866ef6247a51ae9116cf53 1ba0ec4e57dd5d3845edb729fea44e6f709c7aca 60eac53947f6a289ca775891e56b3a4a1084cb8763fe2bf4220b759a58761f1d Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 09:11:30 Times Seen37035537 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.gstatic.com/feedback/js/help/prod/service/lazy.min.js	94 kB	2023-03-08	2024-04-22
Pretty URL www.gstatic.com/feedback/js/help/prod/service/lazy.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:36 Last Seen2024-04-22 16:34:28 Times Seen129 Hash 31981ce3478934a1cda1995278b40dff 98bd72fbd634f5be64bd3aa325e58e6241520f87 5992e78ca3ce1b9be202bbcdef3a32d9ebd6a3609bf039a21b379b5f77076f7b Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/jquery-1.11.1.min.js	96 kB	2023-03-07	2024-04-24
Pretty URL dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/jquery-1.11.1.min.js IP 31.25.98.74 ASN #48635 CLDIN B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 08:56:17 Times Seen46287 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	www.google.com/js/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js	37 kB	2023-03-10	2023-03-11
Pretty URL www.google.com/js/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:28:46 Last Seen2023-03-11 20:19:02 Times Seen1 Hash d0a55743b033cad56431dc1d4f5e0337 4302ac18236808481c18f9a4e8a19cafd42ed16c ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795 Loading...

	dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/bootstrap.bundle.min.js	79 kB	2023-03-07	2024-04-12
Pretty URL dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/bootstrap.bundle.min.js IP 31.25.98.74 ASN #48635 CLDIN B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:46 Last Seen2024-04-12 03:00:45 Times Seen5641 Hash 9ba32250da070fa7ff78f67f67e35552 085eccfd036da1edf601388a68cfe5cb316b1e2c e5a12b84f9543d5ba3231837c2f2467563405aa66a582b6fc400985f85df49ad Loading...

	dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/	546 B	2023-03-10	2023-03-11
Pretty URL dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/ IP 31.25.98.74 ASN #48635 CLDIN B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:46:11 Last Seen2023-03-11 20:19:02 Times Seen1 Hash f79bd977bae3c43060b4d5a0345feb70 6c5bd908603bbbf2201a5f1149d2d43f54b92585 70aec813522e44a4fb395e9518ccdbab7fcc22ce0dce9ae5c6f44068c702235d Loading...

		Size	First Seen	Last Seen
	#1 Eval - ac663eef27a5777db9edf2b82088d5d7	40 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 20:19:02 Last Seen2023-03-11 20:19:02 Times Seen1 Hash ac663eef27a5777db9edf2b82088d5d7 78ddd324e53cc84f0f31c31869b0fcb6509a672d 3cdc15552b43ccabadefa8c2256e3e74f52864235f57a4f15703a88e75b47419 Loading...

HTTP Transactions (51)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5191
Expires: Sat, 26 Nov 2022 00:38:33 GMT
Date: Fri, 25 Nov 2022 23:12:02 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4593
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:02 GMT
Last-Modified: Fri, 25 Nov 2022 21:55:29 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5082
Expires: Sat, 26 Nov 2022 00:36:44 GMT
Date: Fri, 25 Nov 2022 23:12:02 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 3knmvv3wGdDnbD+FHNBMDfq8QkVmsCKB/q+lEa7oMfiUFTg3o8aziTqHosl9yyAIWAorkB12gzKx73s0cXnkOg==
x-amz-request-id: 14CN5AYCX5Z5SQXG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 22:44:00 GMT
age: 1682
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 22:17:29 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3273
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 23:12:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

seatx.com/.well-known/anti/

97.79.238.200

302 Found

0 B

URL HTTP/1.1
seatx.com/.well-known/anti/
IP
97.79.238.200:0
ASN
#46549 GVO

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /.well-known/anti/ HTTP/1.1
Host: seatx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Fri, 25 Nov 2022 23:12:01 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
location: torsion/index.php
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

seatx.com/.well-known/anti/torsion/index.php

97.79.238.200

200 OK

173 B

URL HTTP/1.1
seatx.com/.well-known/anti/torsion/index.php
IP
97.79.238.200:0
ASN
#46549 GVO

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
173 B (173 bytes)
Hash
d73434c0a4683596aec8bc5f1bebf749
f7afc237d573146cabbf7fb8687f314f7025c187
266c1981bce3aeb1c85e5a70c4063ce9974be4a27b6269db404e3b6fead0b0c4

HTTP Headers

GET /.well-known/anti/torsion/index.php HTTP/1.1
Host: seatx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 173
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 23:11:11 GMT
cache-control: public,max-age=3600
age: 51
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5683
Cache-Control: max-age=127772
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:02 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:41:34 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/

31.25.98.74

200 OK

17 kB

URL HTTP/1.1
dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1037)
Size
17 kB (16818 bytes)
Hash
e8b89db8761b7b71c74c30247cab037d
dffb5559afde4f3165e2292b3fd6d4e9c416de34
39a12cfd522b0a8f87fb5bfb8d0af6267471078da3b5d28d678bcc72de89b2d5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /S/sg-dhl/sg-dhl/invoice/ HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://seatx.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:02 GMT
Set-Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p; expires=Fri, 25-Nov-2022 23:22:02 GMT; Max-Age=600; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Transfer-Encoding: chunked
Connection: keep-alive

push.services.mozilla.com/

52.43.228.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.228.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TIGcNBxRIScfqfZDE6DTRQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BeBM1Jy/NouEDC+EzY4e+kIEUD4=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/core.css

31.25.98.74

200 OK

4.3 kB

URL HTTP/1.1
dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/core.css
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
Unicode text, UTF-8 text
Size
4.3 kB (4334 bytes)
Hash
ff7f4d1750aec76dbf0588c674144803
c942638398522670b3461a1c1a39c7b79629ea82
eee29e4819608a72d1c3918d82f94381b0cf5cf348e0f47e9e03aa701374b8ea

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /S/sg-dhl/sg-dhl/invoice/files/no1/core.css HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:03 GMT
ETag: "10ee-5e2edcf623680"
Last-Modified: Sun, 03 Jul 2022 22:04:58 GMT
Content-Length: 4334
Content-Type: text/css
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Connection: keep-alive

dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/bootstrap.min.css

31.25.98.74

200 OK

163 kB

URL HTTP/1.1
dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/bootstrap.min.css
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
163 kB (162764 bytes)
Hash
a91522297dd4a21a2477bc684738ca11
05921697396c15245504fc4cec16ec534c8ecfff
b0071cd7ccef32768966b353e2ff09d13e07ab31148944e5545803232c2341e9

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /S/sg-dhl/sg-dhl/invoice/files/no1/bootstrap.min.css HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:02 GMT
ETag: "27bcc-5e2edcf623680"
Last-Modified: Sun, 03 Jul 2022 22:04:58 GMT
Content-Length: 162764
Content-Type: text/css
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/font-awesome.min.css

31.25.98.74

200 OK

31 kB

URL HTTP/1.1
dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/font-awesome.min.css
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /S/sg-dhl/sg-dhl/invoice/files/no1/font-awesome.min.css HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:03 GMT
ETag: "7918-5e2edd3514b00"
Last-Modified: Sun, 03 Jul 2022 22:06:04 GMT
Content-Length: 31000
Content-Type: text/css
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Connection: keep-alive

dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/translateelement.css

31.25.98.74

200 OK

19 kB

URL HTTP/1.1
dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/translateelement.css
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
ASCII text, with very long lines (18670)
Size
19 kB (18724 bytes)
Hash
15ab5dfc566a9a19f6e89a72b7819e43
064aac1e8bc5a26c5986e40659bc328157ec3b53
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /S/sg-dhl/sg-dhl/invoice/files/no1/translateelement.css HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:03 GMT
ETag: "4924-5e2edcf623680"
Last-Modified: Sun, 03 Jul 2022 22:04:58 GMT
Content-Length: 18724
Content-Type: text/css
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Connection: keep-alive

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

142.250.74.74

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 11:24:15 GMT
expires: Tue, 21 Nov 2023 11:24:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 388068
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/jquery-1.11.1.min.js

31.25.98.74

200 OK

96 kB

URL HTTP/1.1
dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/jquery-1.11.1.min.js
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
ASCII text, with very long lines (32086)
Size
96 kB (95786 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /S/sg-dhl/sg-dhl/invoice/files/no1/jquery-1.11.1.min.js HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:03 GMT
ETag: "1762a-5e2edcf623680"
Last-Modified: Sun, 03 Jul 2022 22:04:58 GMT
Content-Length: 95786
Content-Type: application/javascript
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Connection: keep-alive

www.google.com/js/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js

142.250.74.164

200 OK

14 kB

URL HTTP/2
www.google.com/js/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (35849)
Size
14 kB (14154 bytes)
Hash
2212d5d35847b382df261e290335da2e
c65d8021c40306728ecee1bd2b22be0c0a2f5ead
63f20c3bdade87cf280b875a1e76e8ac1423c426f6b697fd6148ded0a1140ff9

HTTP Headers

GET /js/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14154
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 17:44:36 GMT
expires: Sat, 25 Nov 2023 17:44:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 03 Oct 2022 11:00:00 GMT
content-type: text/javascript
age: 19647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/bootstrap.bundle.min.js

31.25.98.74

200 OK

79 kB

URL HTTP/1.1
dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/bootstrap.bundle.min.js
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
ASCII text, with very long lines (65299)
Size
79 kB (78871 bytes)
Hash
9ba32250da070fa7ff78f67f67e35552
085eccfd036da1edf601388a68cfe5cb316b1e2c
e5a12b84f9543d5ba3231837c2f2467563405aa66a582b6fc400985f85df49ad

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /S/sg-dhl/sg-dhl/invoice/files/no1/bootstrap.bundle.min.js HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:03 GMT
ETag: "13417-5e2edcf80bb00"
Last-Modified: Sun, 03 Jul 2022 22:05:00 GMT
Content-Length: 78871
Content-Type: application/javascript
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Connection: keep-alive

www.google.com/recaptcha/api.js

142.250.74.164

200 OK

553 B

URL HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
553 B (553 bytes)
Hash
1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Fri, 25 Nov 2022 23:12:03 GMT
date: Fri, 25 Nov 2022 23:12:03 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/_/billing/_/js/k=billing.pcilms.fr.0QAWE09inW0.O/am=LJZIt6fuKwKAG_6vgw9UEeF1AQ/d=1/rs=AChpKPBJmX6CWz5QsyWF72tLdh7UQamc8w/m=d,pbff,eiso,ccco,cce,sfo,sf,pmm

142.250.74.163

200 OK

360 kB

URL HTTP/2
www.gstatic.com/_/billing/_/js/k=billing.pcilms.fr.0QAWE09inW0.O/am=LJZIt6fuKwKAG_6vgw9UEeF1AQ/d=1/rs=AChpKPBJmX6CWz5QsyWF72tLdh7UQamc8w/m=d,pbff,eiso,ccco,cce,sfo,sf,pmm
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1979)
Size
360 kB (360147 bytes)
Hash
5ff0396bb5b54fc5d67f2ec3c1ef0219
ad2e273863fcc7bbb1fa12c02c49418c905c5bc2
ea178cb8b28c64bcbc0883a5835a14e5e0eb7052d1d86a3353b1a1ea1af79d3e

HTTP Headers

GET /_/billing/_/js/k=billing.pcilms.fr.0QAWE09inW0.O/am=LJZIt6fuKwKAG_6vgw9UEeF1AQ/d=1/rs=AChpKPBJmX6CWz5QsyWF72tLdh7UQamc8w/m=d,pbff,eiso,ccco,cce,sfo,sf,pmm HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/billing-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="billing-ui"
report-to: {"group":"billing-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/billing-ui"}]}
content-length: 360147
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 17:44:36 GMT
expires: Sat, 25 Nov 2023 17:44:36 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 13 Oct 2022 10:05:19 GMT
content-type: text/javascript; charset=UTF-8
age: 19647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/logo.png

31.25.98.74

200 OK

8.3 kB

URL HTTP/1.1
dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/logo.png
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
PNG image data, 284 x 65, 8-bit/color RGBA, non-interlaced\012- data
Size
8.3 kB (8313 bytes)
Hash
fafd35a060782ff829a6083db55d3cdd
5ca268b6aae6a070681e7ec8de813c03ac8b255c
d7795b6034cbc93fc0632df895294a248644faa373ff8654553f81c137972ae8

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /S/sg-dhl/sg-dhl/invoice/files/no1/logo.png HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:03 GMT
ETag: "2079-5e2edcf80bb00"
Last-Modified: Sun, 03 Jul 2022 22:05:00 GMT
Content-Length: 8313
Content-Type: image/png
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Connection: keep-alive

dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/1625790534535.png

31.25.98.74

200 OK

3.9 kB

URL HTTP/1.1
dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/1625790534535.png
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
PNG image data, 187 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3878 bytes)
Hash
11ff7152775863d8bf58eb585a3cfa46
25127f0e304d9145ef8a824a8be504664a799b7f
5c4b801e60c49235941cfc562ed465a951c937c668db31e3c1ba152513c672d3

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /S/sg-dhl/sg-dhl/invoice/files/no1/1625790534535.png HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:03 GMT
ETag: "f26-5e2edcf80bb00"
Last-Modified: Sun, 03 Jul 2022 22:05:00 GMT
Content-Length: 3878
Content-Type: image/png
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Connection: keep-alive

dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/translate_24dp.png

31.25.98.74

200 OK

846 B

URL HTTP/1.1
dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/translate_24dp.png
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /S/sg-dhl/sg-dhl/invoice/files/no1/translate_24dp.png HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:03 GMT
ETag: "34e-5e2edcf9f3f80"
Last-Modified: Sun, 03 Jul 2022 22:05:02 GMT
Content-Length: 846
Content-Type: image/png
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Connection: keep-alive

clients2.google.com/gr/gr_full_2.0.6.js

142.250.74.142

200 OK

8.7 kB

URL HTTP/2
clients2.google.com/gr/gr_full_2.0.6.js
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2283)
Size
8.7 kB (8665 bytes)
Hash
c801b7ba62d3d6fdaa42e584754ca554
b9e93f6d45cbf2de4bda0770905ea845406e386e
47348549b9a1f16563a10974b8918db63ad776747da2aeaef93db4337201cbf0

HTTP Headers

GET /gr/gr_full_2.0.6.js HTTP/1.1
Host: clients2.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 8665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 22:52:59 GMT
expires: Fri, 25 Nov 2022 23:52:59 GMT
cache-control: public, max-age=3600
age: 1144
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/fonts/fontawesome-webfont.woff2?v=4.7.0

31.25.98.74

200 OK

77 kB

URL HTTP/1.1
dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /S/sg-dhl/sg-dhl/invoice/files/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/files/no1/font-awesome.min.css
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 23:12:03 GMT
ETag: "12d68-5eb50dd2a4800"
Last-Modified: Tue, 18 Oct 2022 15:37:04 GMT
Content-Length: 77160
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lh6.ggpht.com/SkvM5Ll1i1X7xYId2toS7Fmcj4Dg5hej2GS0FpbBTcvAh4ZpFXZlUx6hodzIV4MdeeGgFopn

142.250.74.1

200 OK

2.2 kB

URL HTTP/2
lh6.ggpht.com/SkvM5Ll1i1X7xYId2toS7Fmcj4Dg5hej2GS0FpbBTcvAh4ZpFXZlUx6hodzIV4MdeeGgFopn
IP
142.250.74.1:0
ASN
#15169 GOOGLE

File type
PNG image data, 58 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2234 bytes)
Hash
31d955095bd60309401cd83898404f5e
70cdef497d8755876d4b3b349d3546638c90759a
1dba681552af8ef71693c8c61de402cca6fc31a42e17ab9fba0433e0e8c52243

HTTP Headers

GET /SkvM5Ll1i1X7xYId2toS7Fmcj4Dg5hej2GS0FpbBTcvAh4ZpFXZlUx6hodzIV4MdeeGgFopn HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2234
x-xss-protection: 0
date: Fri, 25 Nov 2022 20:29:33 GMT
expires: Sun, 14 Nov 2021 14:52:36 GMT
cache-control: public, max-age=86400, no-transform
age: 9750
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b7757171f2e55c37975a5bcdeba7a4ae
1ce146a166c3c1d510d26c855321ca4b2426353d
7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 23:12:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mydhl.express.dhl/etc/designs/dhl/favicon.gif

104.110.11.36

200 OK

2.2 kB

URL HTTP/2
mydhl.express.dhl/etc/designs/dhl/favicon.gif
IP
104.110.11.36:0
ASN
#16625 AKAMAI-AS

File type
MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Size
2.2 kB (2238 bytes)
Hash
a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807

HTTP Headers

GET /etc/designs/dhl/favicon.gif HTTP/1.1
Host: mydhl.express.dhl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dejongtechniek.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/gif
content-length: 2238
content-disposition: attachment
x-frame-options: SAMEORIGIN
last-modified: Fri, 25 Nov 2022 22:45:08 GMT
etag: "8be-5ee53460ba9cb"
accept-ranges: bytes
cache-control: max-age=10800, public
expires: Sat, 26 Nov 2022 01:47:16 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.dhl.com ws: https: http:
strict-transport-security: max-age=31536000 ; includeSubDomains
date: Fri, 25 Nov 2022 23:12:03 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-akamai-tls: tls1.2
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9059
Expires: Sat, 26 Nov 2022 01:43:03 GMT
Date: Fri, 25 Nov 2022 23:12:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9059
Expires: Sat, 26 Nov 2022 01:43:03 GMT
Date: Fri, 25 Nov 2022 23:12:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9059
Expires: Sat, 26 Nov 2022 01:43:03 GMT
Date: Fri, 25 Nov 2022 23:12:04 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKxrYxVsJWOXAbrn6IpwLycF3rknFLkQeDyKOLq5WyflvTLeUjg_Lg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:18:42 GMT
age: 3202
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8078 bytes)
Hash
70fae9ac56bb7676177d4252757f0180
bd3027af47f20f4bb9ac36cd9e4493e28e6b041c
1378749f1b28b6c56b8e76418fc5dd59cf608a4e64c1e1067b4f19df10233afc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8078
x-amzn-requestid: e199b062-09f2-46b8-a8ee-6d7b782f7359
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC7GT2oAMF5XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-485ea8fd3e785be748834efd;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yJdSAEHw1AFVsBFBSX5G6rqED3Kpi_P69vtTrVVE1vFDtl3XMsyJ4g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:31:51 GMT
age: 2413
etag: "bd3027af47f20f4bb9ac36cd9e4493e28e6b041c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab1c6bf9-39a7-42ca-a718-a572401add09.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6382 bytes)
Hash
b72976b3f013ace345c85b0bdfea5f76
3e9004d90ed72f3034eae5cddd476eb50ac63ea6
068a487b9ae3d7461ef16e04cee8802a7b76a2bce19bf66df48b2b1cdb0c772c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab1c6bf9-39a7-42ca-a718-a572401add09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6382
x-amzn-requestid: e1e4c180-7f90-4d4b-a5f4-094e5f542a18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLacUFC4oAMFayA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813de8-09efee9d0604d16c61e3d452;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 22:12:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SR2His1pCOwZHi7bBtnG8QeCtZQsCMeJxs-UCpd79SK_77eM5fWeog==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:47 GMT
age: 3257
etag: "3e9004d90ed72f3034eae5cddd476eb50ac63ea6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2944 bytes)
Hash
5c135ab961de12d926b94f9abae8adbe
139f48ea60880efc6d2977f4d3141809f22adfef
1578a994e7c4eef451f1c744116caa95e1aa995c4817a13832f1ac3487cea95d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2944
x-amzn-requestid: 8f1b2573-39ab-442e-8c6e-97538a28aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWXXEjJIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813762-52f27ff536b0c3b84bdfba8e;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:45:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9hy8v_azPZzuVRv1VN61DoNWbfA83JPs4JcZfRyLo3j6HCtWv_gkNw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:03:27 GMT
age: 4117
etag: "139f48ea60880efc6d2977f4d3141809f22adfef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc791f23-9e0d-4ffd-991b-9c697774e053.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14128 bytes)
Hash
e0174b63e0e8e8184799bedd77c7ca5f
ab196fcf5ef72cd13d1f8f370039258b963834ba
ffb99678ae74f059a66aaf5097b1c4b659519012f137b40a644ded7a3c524623

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc791f23-9e0d-4ffd-991b-9c697774e053.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14128
x-amzn-requestid: ac7d027c-55fe-479d-a5ca-baa09eabebea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUgEEXSIAMFzmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813466-061f1c9c36d007347d0c1302;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VBKkrmELCAhKQjBs5fb1udGUtrFAXF2_ifrzd8lTnmDTkdhO6d7clw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:07:00 GMT
etag: "ab196fcf5ef72cd13d1f8f370039258b963834ba"
content-type: image/jpeg
age: 3904
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 66800
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dejongtechniek.com/payments/jserror?script=https%3A%2F%2Fwww.gstatic.com%2F_%2Fbilling%2F_%2Fjs%2Fk%3Dbilling.pcilms.fr.0QAWE09inW0.O%2Fam%3DLJZIt6fuKwKAG_6vgw9UEeF1AQ%2Fd%3D1%2Frs%3DAChpKPBJmX6CWz5QsyWF72tLdh7UQamc8w%2Fm%3Dd%2Cpbff%2Ceiso%2Cccco%2Ccce%2Csfo%2Csf%2Cpmm&error=Script%20error.&line=Not%20available

31.25.98.74

404 Not Found

149 kB

URL HTTP/1.1
dejongtechniek.com/payments/jserror?script=https%3A%2F%2Fwww.gstatic.com%2F_%2Fbilling%2F_%2Fjs%2Fk%3Dbilling.pcilms.fr.0QAWE09inW0.O%2Fam%3DLJZIt6fuKwKAG_6vgw9UEeF1AQ%2Fd%3D1%2Frs%3DAChpKPBJmX6CWz5QsyWF72tLdh7UQamc8w%2Fm%3Dd%2Cpbff%2Ceiso%2Cccco%2Ccce%2Csfo%2Csf%2Cpmm&error=Script%20error.&line=Not%20available
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (25525), with CRLF, LF line terminators
Size
149 kB (148908 bytes)
Hash
2e20e4acb7c9e764f0b82281ed53d0b5
a12ae0135762748d5ca8f25484d35cb2c4c5a68b
10de229d21d8e8fb1a94e523194d8021408d05c6e28f220ba44a2f17af33a397

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /payments/jserror?script=https%3A%2F%2Fwww.gstatic.com%2F_%2Fbilling%2F_%2Fjs%2Fk%3Dbilling.pcilms.fr.0QAWE09inW0.O%2Fam%3DLJZIt6fuKwKAG_6vgw9UEeF1AQ%2Fd%3D1%2Frs%3DAChpKPBJmX6CWz5QsyWF72tLdh7UQamc8w%2Fm%3Dd%2Cpbff%2Ceiso%2Cccco%2Ccce%2Csfo%2Csf%2Cpmm&error=Script%20error.&line=Not%20available HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2073
Origin: https://dejongtechniek.com
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 23:12:03 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Type: text/html; charset=UTF-8
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Transfer-Encoding: chunked
Connection: keep-alive

31.25.98.74

404 Not Found

149 kB

URL HTTP/1.1
dejongtechniek.com/payments/jserror?script=https%3A%2F%2Fwww.gstatic.com%2F_%2Fbilling%2F_%2Fjs%2Fk%3Dbilling.pcilms.fr.0QAWE09inW0.O%2Fam%3DLJZIt6fuKwKAG_6vgw9UEeF1AQ%2Fd%3D1%2Frs%3DAChpKPBJmX6CWz5QsyWF72tLdh7UQamc8w%2Fm%3Dd%2Cpbff%2Ceiso%2Cccco%2Ccce%2Csfo%2Csf%2Cpmm&error=can%27t%20access%20property%20%22offsetTop%22%2C%20_.Pi(...)%20is%20null&line=2810
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (25525), with CRLF, LF line terminators
Size
149 kB (148908 bytes)
Hash
2e20e4acb7c9e764f0b82281ed53d0b5
a12ae0135762748d5ca8f25484d35cb2c4c5a68b
10de229d21d8e8fb1a94e523194d8021408d05c6e28f220ba44a2f17af33a397

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /payments/jserror?script=https%3A%2F%2Fwww.gstatic.com%2F_%2Fbilling%2F_%2Fjs%2Fk%3Dbilling.pcilms.fr.0QAWE09inW0.O%2Fam%3DLJZIt6fuKwKAG_6vgw9UEeF1AQ%2Fd%3D1%2Frs%3DAChpKPBJmX6CWz5QsyWF72tLdh7UQamc8w%2Fm%3Dd%2Cpbff%2Ceiso%2Cccco%2Ccce%2Csfo%2Csf%2Cpmm&error=can%27t%20access%20property%20%22offsetTop%22%2C%20_.Pi(...)%20is%20null&line=2810 HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 5475
Origin: https://dejongtechniek.com
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 23:12:03 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Type: text/html; charset=UTF-8
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Transfer-Encoding: chunked
Connection: keep-alive

dejongtechniek.com/payments/jserror?script=https%3A%2F%2Fwww.gstatic.com%2Frecaptcha%2Freleases%2FKm9gKuG06He-isPsP6saG8cn%2Frecaptcha__en.js&error=Missing%20required%20parameters%3A%20sitekey&line=130

31.25.98.74

404 Not Found

149 kB

URL HTTP/1.1
dejongtechniek.com/payments/jserror?script=https%3A%2F%2Fwww.gstatic.com%2Frecaptcha%2Freleases%2FKm9gKuG06He-isPsP6saG8cn%2Frecaptcha__en.js&error=Missing%20required%20parameters%3A%20sitekey&line=130
IP
31.25.98.74:0
ASN
#48635 CLDIN B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (25525), with CRLF, LF line terminators
Size
149 kB (148908 bytes)
Hash
2e20e4acb7c9e764f0b82281ed53d0b5
a12ae0135762748d5ca8f25484d35cb2c4c5a68b
10de229d21d8e8fb1a94e523194d8021408d05c6e28f220ba44a2f17af33a397

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /payments/jserror?script=https%3A%2F%2Fwww.gstatic.com%2Frecaptcha%2Freleases%2FKm9gKuG06He-isPsP6saG8cn%2Frecaptcha__en.js&error=Missing%20required%20parameters%3A%20sitekey&line=130 HTTP/1.1
Host: dejongtechniek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 3782
Origin: https://dejongtechniek.com
Connection: keep-alive
Referer: https://dejongtechniek.com/S/sg-dhl/sg-dhl/invoice/
Cookie: PHPSESSID=3jusjj4jv7nmqptakbpsi4v81p
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 23:12:03 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Type: text/html; charset=UTF-8
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Transfer-Encoding: chunked
Connection: keep-alive

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP