www.express-delivery-dhl.com/
13.38.109.224301 Moved Permanently 162 B URL HTTP/1.1 www.express-delivery-dhl.com/
IP 13.38.109.224:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 09 Nov 2022 15:02:18 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.express-delivery-dhl.com/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7944
Expires: Wed, 09 Nov 2022 17:14:42 GMT
Date: Wed, 09 Nov 2022 15:02:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4924
Cache-Control: max-age=161450
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 15:02:18 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:53:08 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12176
Expires: Wed, 09 Nov 2022 18:25:14 GMT
Date: Wed, 09 Nov 2022 15:02:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 09 Nov 2022 14:43:42 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zV8Y4ZT/xYSQZbeBZbzpY9LSkNahEnGGgoAQOmUjuhPmh9hmNr+pC5YImMrYkck0rt7DpSvf670=
x-amz-request-id: JPN21Y80DJ6AGXW8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 14:49:01 GMT
age: 797
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 956cfcf60bfc57ea37b429204d3c5212
b9dcb741ab4e4b142696ebcdc849cd5f8301f477
ab652f3d2f53b7cd88ca49cc8c8c910a03d4d351a6bdf878f730f3d8cc0b97c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB652F3D2F53B7CD88CA49CC8C8C910A03D4D351A6BDF878F730F3D8CC0B97C2"
Last-Modified: Tue, 08 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21594
Expires: Wed, 09 Nov 2022 21:02:12 GMT
Date: Wed, 09 Nov 2022 15:02:18 GMT
Connection: keep-alive
www.express-delivery-dhl.com/
13.38.109.224302 Found 1 B URL HTTP/2 www.express-delivery-dhl.com/
IP 13.38.109.224:0
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: text/html; charset=UTF-8
content-length: 1
location: suivi.php
x-powered-by: PHP/7.4.32, PleskLin
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/suivi.php
13.38.109.224200 OK 45 kB URL HTTP/2 www.express-delivery-dhl.com/suivi.php
IP 13.38.109.224:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33563)
Hash fb7bfda79f05636d130f81c5d4a72424
83b0263f375f150ab0b743c5891771c82695c927
9c6636e84c4e67189c3adb0acf94261ab35b29a72b1e3cb1285ab3bfcc29ce25
Analyzer Verdict Alert fortinet Phishing
GET /suivi.php HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: text/html; charset=UTF-8
content-length: 44891
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.32, PleskLin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6513
Cache-Control: max-age=157983
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 15:02:19 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:55:22 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
104.17.25.14200 OK 19 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65317)
Hash 95d49e491b46f526854d624e40d8af76
5b145ab428cc484ecead4666e01cca7ce6b4dff4
f897fc168379623a0e92c3bb80ff02bc4742ccb555fb094e87dc9b60697a481c
GET /ajax/libs/font-awesome/6.2.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.express-delivery-dhl.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: text/css; charset=utf-8
content-length: 18688
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-4900"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6070318
expires: Mon, 30 Oct 2023 15:02:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCsJaZPjfDKC6J08y9kI2gKGpdrZ0V56eyS%2Fw9qTbPniTOgaO6mq%2BwoCa5s5S44BYZ0KgmgJPGq4KNod%2F5kjInUUsb1hd2WTYjy3p%2FJwzExbzglZL1JXJ7nl%2F8o3SFkQw9iEeSG5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76776dc31fdbb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css
151.101.85.229200 OK 28 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (65305)
Hash 9e809125b4f45a82ba699c490010ba2f
2a6060f1c5f6874b918a7838222e6c328fd7583f
b79929834ca653c9dcf7fa61428db7d5e4a2a8e119f304c447bb2218f9087b6a
GET /npm/bootstrap@5.2.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.express-delivery-dhl.com
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.2
x-jsd-version-type: version
etag: W/"2f955-er7QcON84GDApWFXXx1Bp/JI/HQ"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 15:02:19 GMT
age: 3222367
x-served-by: cache-fra19155-FRA, cache-bma1683-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27506
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 11546fd586ea5a0d986305d86ec09242
c905973f88f50a9142303a7d80343390561c50cb
23aceae3da5b42584e6082444167b8c058b95b1644010130abb9b192eeb3d696
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 15:02:19 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "BCAA526DA7DB6CED97017793F141C876C171EBE7"
Expires: Thu, 10 Nov 2022 01:00:00 GMT
Last-Modified: Wed, 09 Nov 2022 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2796
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76776dc36c4fb51d-OSL
www.express-delivery-dhl.com/assets/fonts/default-815fcbb4d2c579017011.woff
13.38.109.224200 OK 41 kB URL HTTP/2 www.express-delivery-dhl.com/assets/fonts/default-815fcbb4d2c579017011.woff
IP 13.38.109.224:0
File type Web Open Font Format, TrueType, length 41328, version 1.66\012- data
Hash e39bd2e2657ce5dd6f9c33df18529233
6db81ebb91bfa67cef8f2f870f03046150568799
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383
Analyzer Verdict Alert fortinet Phishing
GET /assets/fonts/default-815fcbb4d2c579017011.woff HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: font/woff
content-length: 41328
last-modified: Tue, 08 Nov 2022 16:01:51 GMT
etag: "636a7d6f-a170"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/assets/fonts/default-3e828e80f6e985c352eb.woff
13.38.109.224200 OK 44 kB URL HTTP/2 www.express-delivery-dhl.com/assets/fonts/default-3e828e80f6e985c352eb.woff
IP 13.38.109.224:0
File type Web Open Font Format, TrueType, length 44260, version 1.66\012- data
Hash 4a350e02a03ac62e72e9ea575b31ce84
d47b03b96b6e7034a1473a293bb594e597a41dc2
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5
Analyzer Verdict Alert fortinet Phishing
GET /assets/fonts/default-3e828e80f6e985c352eb.woff HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: font/woff
content-length: 44260
last-modified: Tue, 08 Nov 2022 16:01:51 GMT
etag: "636a7d6f-ace4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/assets/fonts/default-5a6dd86f272b304a8b83.woff
13.38.109.224200 OK 41 kB URL HTTP/2 www.express-delivery-dhl.com/assets/fonts/default-5a6dd86f272b304a8b83.woff
IP 13.38.109.224:0
File type Web Open Font Format, TrueType, length 41352, version 1.66\012- data
Hash 4e23ecf085132857bdb54b4da7373151
a50215c22a591536b21e509100d1707c6886ffd6
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4
Analyzer Verdict Alert fortinet Phishing
GET /assets/fonts/default-5a6dd86f272b304a8b83.woff HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: font/woff
content-length: 41352
last-modified: Tue, 08 Nov 2022 16:01:51 GMT
etag: "636a7d6f-a188"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/RCc9f7f8cb76ec492d8b222a8d9c393cfc-source.min.js
13.38.109.224200 OK 389 B URL HTTP/2 www.express-delivery-dhl.com/info_files/RCc9f7f8cb76ec492d8b222a8d9c393cfc-source.min.js
IP 13.38.109.224:0
File type ASCII text, with very long lines (755)
Hash 30d9ceebca93073f0edef5b6b65cb1df
19db4ed172dae2a1092e64bb7b7e76e410acf3f5
6d12a3651529cec0842444048a160c2c59ce0cbea43877997b232907d0e372e9
Analyzer Verdict Alert fortinet Phishing
GET /info_files/RCc9f7f8cb76ec492d8b222a8d9c393cfc-source.min.js HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/javascript
content-length: 389
x-accel-version: 0.01
last-modified: Tue, 08 Nov 2022 16:02:00 GMT
etag: "386-5ecf7a90f6388-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff
96.6.17.154200 OK 41 kB URL HTTP/2 www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff
IP 96.6.17.154:0
File type Web Open Font Format, TrueType, length 41084, version 1.66\012- data
Hash 8e28d7fd1b601b52178ab7d32e2406c6
e78d4edea79147e8d6d0b394cbce252b2265b0c3
e005fcd603bec58c87365399d7955dc97b2e22e4ef24d573d7b44ac7cb0f8683
GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.express-delivery-dhl.com
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src data: https: blob: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src 'unsafe-inline' https: http: blob:; media-src 'unsafe-inline' https: http: blob:
x-content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src data: https: blob: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src 'unsafe-inline' https: http: blob:; media-src 'unsafe-inline' https: http: blob:
x-webkit-csp: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src data: https: blob: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src 'unsafe-inline' https: http: blob:; media-src 'unsafe-inline' https: http: blob:
last-modified: Fri, 14 Oct 2022 09:16:31 GMT
etag: "a07c-5eafb14e77631-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 41052
content-type: application/font-woff
cache-control: public, max-age=1209600
expires: Wed, 23 Nov 2022 15:02:19 GMT
date: Wed, 09 Nov 2022 15:02:19 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/NX18STXEB
13.38.109.224200 OK 190 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/NX18STXEB
IP 13.38.109.224:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 190 kB (190188 bytes)
Hash 11849a31ac0a1a5f0930f2bb2e5d1a9b
f1cb495b5d157d8b8db04756cd9f5e3724e40ed7
ad14591b0a111ed04a3ad1121c67a2be58788edbdff70bc3d129412b51a8b5f9
Analyzer Verdict Alert fortinet Phishing
GET /info_files/NX18STXEB HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/octet-stream
content-length: 190188
last-modified: Tue, 08 Nov 2022 16:01:59 GMT
etag: "636a7d77-2e6ec"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/assets/img/mes.png
13.38.109.224200 OK 30 kB URL HTTP/2 www.express-delivery-dhl.com/assets/img/mes.png
IP 13.38.109.224:0
File type PNG image data, 378 x 245, 8-bit/color RGB, non-interlaced\012- data
Hash ab8faeae47e80c02f7813222b936102a
03df24cf07f21fd2a7ec53a6ac0eb56351924e70
2d041bb02b3e8ad4a50d2bc2d019ebad077396f814cf2175995cf881c328cca9
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/mes.png HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: image/png
content-length: 30450
last-modified: Tue, 08 Nov 2022 16:01:52 GMT
etag: "636a7d70-76f2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/facebook-new.svg
13.38.109.224200 OK 1.4 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/facebook-new.svg
IP 13.38.109.224:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (963)
Hash 259d8928a7fd5329b3d7fd80eca2ea2f
a6337de5ff5761b39a319cd7ec3f8b10f201d066
43027752f5a04142e6518a4fd8ef54e7e73cfba7820da9c03c1ad38835f04fe2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/facebook-new.svg HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: image/svg+xml
content-length: 1406
last-modified: Tue, 08 Nov 2022 16:01:56 GMT
etag: "636a7d74-57e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/youtube-new.svg
13.38.109.224200 OK 1.4 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/youtube-new.svg
IP 13.38.109.224:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (971)
Hash 376247a0b06e705c758fe04978ea9df5
90d50c682c2ea23a9d26926c6eb3d849b7b94661
acd3eaf2b608fb48f9915964c36772b322ad91106508c4490e2a72122db4d347
Analyzer Verdict Alert fortinet Phishing
GET /info_files/youtube-new.svg HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: image/svg+xml
content-length: 1412
last-modified: Tue, 08 Nov 2022 16:02:02 GMT
etag: "636a7d7a-584"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/poweredBy_ot_logo.svg
13.38.109.224200 OK 3.0 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/poweredBy_ot_logo.svg
IP 13.38.109.224:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2998), with no line terminators
Hash 2e9b9ac8be368c1efcc51965c74be43b
dde87f63ecbaeb97c5708ced6ffd0e7de5a806c0
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/poweredBy_ot_logo.svg HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: image/svg+xml
content-length: 2998
last-modified: Tue, 08 Nov 2022 16:02:00 GMT
etag: "636a7d78-bb6"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/instagram-new.svg
13.38.109.224200 OK 4.5 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/instagram-new.svg
IP 13.38.109.224:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4063)
Hash 056511aeb5282ecaab9fbf10ed2273e5
fc29c2c37c4b4a31ad13e80356371e338aef5894
f01c2e1870fcd75ceca3b4c42c3110cb0aa4b933b562cf3d2c7ddd20ce03c7ee
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/instagram-new.svg HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: image/svg+xml
content-length: 4508
last-modified: Tue, 08 Nov 2022 16:01:58 GMT
etag: "636a7d76-119c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/dhl-logo.svg
13.38.109.224200 OK 1.6 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/dhl-logo.svg
IP 13.38.109.224:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3fecc9db35d5d2a9e6e71ab4b02d22e5
628ba2f505b480097445aaf08649a08242bd6847
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/dhl-logo.svg HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: image/svg+xml
content-length: 1603
last-modified: Tue, 08 Nov 2022 16:01:56 GMT
etag: "636a7d74-643"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/linkedIn-new.svg
13.38.109.224200 OK 1.6 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/linkedIn-new.svg
IP 13.38.109.224:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1204)
Hash 43efff953a2a3baf6a2ef0528f55dc07
b510bc0512da7d96cdf29a0f1e343319095776de
c32f1a0f5b093b6b2c8f5df0bf93856359769ee6bbab40975043cd133711d528
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/linkedIn-new.svg HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: image/svg+xml
content-length: 1647
last-modified: Tue, 08 Nov 2022 16:01:59 GMT
etag: "636a7d77-66f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/assets/img/colis.png
13.38.109.224200 OK 3.1 kB URL HTTP/2 www.express-delivery-dhl.com/assets/img/colis.png
IP 13.38.109.224:0
File type PNG image data, 102 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 8fdda0d85678421dfe58061ce3f10880
84d80a2244b270a86580fa336b84d14e9666c556
2a8ab786ed7b13aeaefd332c09836792ab6889ab9411cd3c959139f10b50b72b
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/colis.png HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: image/png
content-length: 3084
last-modified: Tue, 08 Nov 2022 16:01:52 GMT
etag: "636a7d70-c0c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/glo-footer-logo.svg
13.38.109.224200 OK 12 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/glo-footer-logo.svg
IP 13.38.109.224:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (656)
Hash d1b0e043744fd642282117a03d308b17
d8abe7a0887b804e516c45a344c542e291a1a84b
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/glo-footer-logo.svg HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: image/svg+xml
content-length: 11968
last-modified: Tue, 08 Nov 2022 16:01:57 GMT
etag: "636a7d75-2ec0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.126.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.126.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G6x6duoderUN76iy6hk5Tg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BswtYTR94LGZjKcNICm//WNQ6qY=
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
23.38.200.237200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32768)
Hash e616df092766c7ab7904619f971a35cc
a960429c42802a43e3ce728fc4d1e8bdab10e606
082ae7647bfdb639846791e5c0ca39b96544dff3aed0c365973c9589cd5b091e
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12163
expires: Wed, 09 Nov 2022 16:02:19 GMT
date: Wed, 09 Nov 2022 15:02:19 GMT
cache-control: no-cache
access-control-allow-origin: https://www.express-delivery-dhl.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
23.38.200.237200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (3155)
Hash e672de61b277fc72de4299829bfbb31c
157a7409922d58a02dad3ba879d04eb2a3ef8f3d
e1a1c2a6f2ed4ffb63ebfda157eaf12c6ee3973be4da649eb63e0402c0d29215
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1597
expires: Wed, 09 Nov 2022 16:02:19 GMT
date: Wed, 09 Nov 2022 15:02:19 GMT
cache-control: no-cache
access-control-allow-origin: https://www.express-delivery-dhl.com
timing-allow-origin: *
X-Firefox-Spdy: h2
s2.go-mpulse.net/boomerang/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY
104.110.16.174200 OK 50 kB URL HTTP/2 s2.go-mpulse.net/boomerang/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY
IP 104.110.16.174:0
File type C source, ASCII text, with very long lines (65103)
Hash 8991c3ec80ec8fbc41382a55679e3911
8cc8cee91d671038acd9e3ae611517d6801b0909
f55bacd4a20fef96f5c736a912d1947be85c268df18003395e511c1e860e8800
GET /boomerang/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY HTTP/1.1
Host: s2.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Tue, 25 Oct 2022 01:07:03 GMT
timing-allow-origin: *
vary: Accept-Encoding
content-length: 50393
date: Wed, 09 Nov 2022 15:02:19 GMT
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json
13.38.109.224404 Not Found 35 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json
IP 13.38.109.224:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ebe6b4b946e625b3662212ef11010e29
b81f87cdf73a41282614de5e425dc782b23ebdad
0b5ad82eeb71b05b87db687ae9e569826edf1360e7270e509fe13d2d52c1005c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: text/html
last-modified: Tue, 08 Nov 2022 03:31:06 GMT
etag: W/"328-5eced2b9b22f7"
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/assets/fonts/default-274a65bae9742377aaf0.woff
13.38.109.224404 Not Found 808 B URL HTTP/2 www.express-delivery-dhl.com/assets/fonts/default-274a65bae9742377aaf0.woff
IP 13.38.109.224:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /assets/fonts/default-274a65bae9742377aaf0.woff HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: text/html
content-length: 808
last-modified: Tue, 08 Nov 2022 03:31:06 GMT
etag: "328-5eced2b9b22f7"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/clientlib-core.min.js
13.38.109.224200 OK 9.8 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/clientlib-core.min.js
IP 13.38.109.224:0
File type ASCII text, with very long lines (551)
Hash fe4519947684939a68f0319e55c90534
6ad3831567155ddb3243b4e339a0ca46cc1cbdc6
7ea79af95ee02bdb2d2b24ccec5be12554226ffbef6e924fa1a668f1b2a86810
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/clientlib-core.min.js HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:01:55 GMT
etag: W/"636a7d73-1cf9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png
96.6.17.154200 OK 1.2 kB URL HTTP/2 www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png
IP 96.6.17.154:0
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash 6e5f4e072a2793f9d9cd2a6974d5ccc9
df0d0b28ae71a37dd321d33435c3143a446e2741
148a09a41b13df86b44d2a1f70e2482e5d31fd91ce540a0dbe016011a5fd29b9
GET /etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src data: https: blob: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src 'unsafe-inline' https: http: blob:; media-src 'unsafe-inline' https: http: blob:
x-content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src data: https: blob: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src 'unsafe-inline' https: http: blob:; media-src 'unsafe-inline' https: http: blob:
x-webkit-csp: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src data: https: blob: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src 'unsafe-inline' https: http: blob:; media-src 'unsafe-inline' https: http: blob:
last-modified: Fri, 14 Oct 2022 09:18:25 GMT
etag: "495-5eafb1bb2ea2d"
accept-ranges: bytes
content-length: 1173
content-type: image/png
cache-control: public, max-age=0
expires: Wed, 09 Nov 2022 15:02:19 GMT
date: Wed, 09 Nov 2022 15:02:19 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff
96.6.17.154200 OK 26 kB URL HTTP/2 www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff
IP 96.6.17.154:0
Hash 7a7ce296ec8dd6ef07b477849b939b13
a7253843a85f3e535990f3919bc5ba2ba3319403
a5719b9fa68c0484b9b9222401478aef345de691e637fa1d9300e3916d34761a
GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.express-delivery-dhl.com
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src data: https: blob: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src 'unsafe-inline' https: http: blob:; media-src 'unsafe-inline' https: http: blob:
x-content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src data: https: blob: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src 'unsafe-inline' https: http: blob:; media-src 'unsafe-inline' https: http: blob:
x-webkit-csp: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src data: https: blob: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src 'unsafe-inline' https: http: blob:; media-src 'unsafe-inline' https: http: blob:
last-modified: Fri, 14 Oct 2022 09:18:24 GMT
etag: "8804-5eafb1b9fc7c3-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 34679
content-type: application/font-woff
cache-control: public, max-age=1209600
expires: Wed, 23 Nov 2022 15:02:19 GMT
date: Wed, 09 Nov 2022 15:02:19 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/otSDKStub.js
13.38.109.224200 OK 6.9 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/otSDKStub.js
IP 13.38.109.224:0
File type ASCII text, with very long lines (21747)
Hash 835e88100140075677f7d6e5865fc7a9
2325b39c0c324e572d1563f519eaf8ef56e5b50b
33d5b63afec5f4d59c5493851a201a9d6c08fe49290d4f5fb0084e6fb14232ac
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/otSDKStub.js HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:02:00 GMT
etag: W/"636a7d78-54f4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12930
Expires: Wed, 09 Nov 2022 18:37:50 GMT
Date: Wed, 09 Nov 2022 15:02:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12930
Expires: Wed, 09 Nov 2022 18:37:50 GMT
Date: Wed, 09 Nov 2022 15:02:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12930
Expires: Wed, 09 Nov 2022 18:37:50 GMT
Date: Wed, 09 Nov 2022 15:02:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12930
Expires: Wed, 09 Nov 2022 18:37:50 GMT
Date: Wed, 09 Nov 2022 15:02:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86ec3f22045de1a100eccf27d91593ae
e26769d82108f89057b05096061f1276d34e223a
b863d19ab12945922b4d014c517f5ffe349cefe2bbe1c2f16661371f22378cbd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 1b1e2dfc-4096-45cf-adb3-58f0b1d614bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEAXHFhroAMF_Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364adc6-7b94977b4143970a48bc1857;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 06:14:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vzUPLMO4CDywKUQvQ9gbltVLYlNher7ZTXYC9A00LfwycdEmG7m9wg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 04:21:46 GMT
age: 38434
etag: "e26769d82108f89057b05096061f1276d34e223a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.js
13.38.109.224200 OK 47 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.js
IP 13.38.109.224:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 958eafee58b4954ce8092298c77c9fb8
322ce3edad9262b4dbf92930880875452aae70b4
7d8feb414425e6cc6b1ae916a72cfe999f7ed78a0deec1450f59bf8a0a9c70e7
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.js HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:01:54 GMT
etag: W/"636a7d72-31637"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c69b19d2273c3ade32fd0797921c0459
8cafda5659f5b36c855a2bbcaeb03aa715ddeebd
d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GWFybdPyZxzujAi9urpfQ_1HZCiJpmxpzg6j7a2gwdZ5E89xfc1MXg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:54:55 GMT
age: 61645
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:43 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 62317
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.js
13.38.109.224200 OK 81 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.js
IP 13.38.109.224:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 28920496803f4577adf8a0bb882f337d
780436b276c21a006fb3bad09211d45e89acf846
2934c80a05c0054de8e6c04691f6412004f87824fe3ad7d5459fcbb59eb335c4
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.js HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:01:55 GMT
etag: W/"636a7d73-43924"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/sec-3-6.css
13.38.109.224200 OK 6.8 kB URL HTTP/2 www.express-delivery-dhl.com/info_files/sec-3-6.css
IP 13.38.109.224:0
File type ASCII text, with very long lines (609)
Hash 7ffc205553f090754de3234783d9eae6
14e1044f7b76e789abdfcced9e5cffd495744724
c169a130dd5294bf2ef35a87bee891ce8fdf7d6ee8bc6e842208d13125b36378
Analyzer Verdict Alert quad9 Sinkholed
GET /info_files/sec-3-6.css HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 16:02:01 GMT
etag: W/"636a7d79-669"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/AppMeasurement_Module_ActivityMap.min.js
13.38.109.224200 OK 0 B URL HTTP/2 www.express-delivery-dhl.com/info_files/AppMeasurement_Module_ActivityMap.min.js
IP 13.38.109.224:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:01:53 GMT
etag: W/"636a7d71-ce5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/assets/img/7f0d3a9b32ad319a9dd1.svg
13.38.109.224404 Not Found 0 B URL HTTP/2 www.express-delivery-dhl.com/assets/img/7f0d3a9b32ad319a9dd1.svg
IP 13.38.109.224:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /assets/img/7f0d3a9b32ad319a9dd1.svg HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: text/html
last-modified: Tue, 08 Nov 2022 03:31:06 GMT
etag: W/"328-5eced2b9b22f7"
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/otBannerSdk.js
13.38.109.224200 OK 0 B URL HTTP/2 www.express-delivery-dhl.com/info_files/otBannerSdk.js
IP 13.38.109.224:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/otBannerSdk.js HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:02:00 GMT
etag: W/"636a7d78-5c44f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json
13.38.109.224404 Not Found 0 B URL HTTP/2 www.express-delivery-dhl.com/info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json
IP 13.38.109.224:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Cookie: cookieDisclaimer=seen
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: text/html
last-modified: Tue, 08 Nov 2022 03:31:06 GMT
etag: W/"328-5eced2b9b22f7"
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY
13.38.109.224200 OK 0 B URL HTTP/2 www.express-delivery-dhl.com/info_files/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY
IP 13.38.109.224:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/octet-stream
content-length: 209939
last-modified: Tue, 08 Nov 2022 16:02:01 GMT
etag: "636a7d79-33413"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.css
13.38.109.224200 OK 0 B URL HTTP/2 www.express-delivery-dhl.com/info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.css
IP 13.38.109.224:0
Analyzer Verdict Alert quad9 Sinkholed
GET /info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.css HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 16:01:55 GMT
etag: W/"636a7d73-9fd47"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/sec-cpt-3-6.js
13.38.109.224200 OK 0 B URL HTTP/2 www.express-delivery-dhl.com/info_files/sec-cpt-3-6.js
IP 13.38.109.224:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/sec-cpt-3-6.js HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:02:01 GMT
etag: W/"636a7d79-294e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/AppMeasurement.min.js
13.38.109.224200 OK 0 B URL HTTP/2 www.express-delivery-dhl.com/info_files/AppMeasurement.min.js
IP 13.38.109.224:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/AppMeasurement.min.js HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:01:53 GMT
etag: W/"636a7d71-8315"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/launch-ENa2e710b79eef40758cbb936003b8b231.min.js
13.38.109.224200 OK 0 B URL HTTP/2 www.express-delivery-dhl.com/info_files/launch-ENa2e710b79eef40758cbb936003b8b231.min.js
IP 13.38.109.224:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /info_files/launch-ENa2e710b79eef40758cbb936003b8b231.min.js HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 16:01:58 GMT
etag: W/"636a7d76-977f7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/clientlib-core.min.css
13.38.109.224200 OK 0 B URL HTTP/2 www.express-delivery-dhl.com/info_files/clientlib-core.min.css
IP 13.38.109.224:0
Analyzer Verdict Alert quad9 Sinkholed
GET /info_files/clientlib-core.min.css HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Tue, 08 Nov 2022 16:01:55 GMT
etag: W/"1d-5ecf7a8bf7e4c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.express-delivery-dhl.com/info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.css
13.38.109.224200 OK 0 B URL HTTP/2 www.express-delivery-dhl.com/info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.css
IP 13.38.109.224:0
GET /info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.css HTTP/1.1
Host: www.express-delivery-dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.express-delivery-dhl.com/suivi.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 15:02:19 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 16:01:53 GMT
etag: W/"636a7d71-95cd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2