r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5100
Expires: Thu, 05 Jan 2023 05:01:02 GMT
Date: Thu, 05 Jan 2023 03:36:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10816
Expires: Thu, 05 Jan 2023 06:36:18 GMT
Date: Thu, 05 Jan 2023 03:36:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 05 Jan 2023 02:47:48 GMT
content-type: application/json
age: 2894
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 225d42543c0190cdb3686bf236533f4f
13a0940800fce078487372b6b3ca614dd1ab6c31
766bbe15eb1642ac39e9b71669fbb44252471c8de5adb555cd1a76db44fbe7bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "766BBE15EB1642AC39E9B71669FBB44252471C8DE5ADB555CD1A76DB44FBE7BC"
Last-Modified: Mon, 02 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5022
Expires: Thu, 05 Jan 2023 04:59:44 GMT
Date: Thu, 05 Jan 2023 03:36:02 GMT
Connection: keep-alive
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/info.php
65.111.164.41302 Found 0 B URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/info.php
IP 65.111.164.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish DHL Airways, Inc.
quad9 Sinkholed
GET /dhlexpilcanda/dhl/info.php HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 05 Jan 2023 03:36:02 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i; path=/
Strict-Transport-Security: max-age=15768000
Location: index.php
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zMXKuy1JRfw4Yvwu/aPfS5Ti028BbDLyH8WWh8LAopuU05Uewe1qrRcu2xTPDoq3AdPFQiGhfjs=
x-amz-request-id: SXDR0YRKF4SP7Q3C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 05 Jan 2023 03:01:34 GMT
age: 2068
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:36:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 05 Jan 2023 03:33:37 GMT
age: 145
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5530
Cache-Control: max-age=111778
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 03:36:03 GMT
Etag: "63b541ab-1d7"
Expires: Fri, 06 Jan 2023 10:39:01 GMT
Last-Modified: Wed, 04 Jan 2023 09:06:51 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Cwq9lYfz929UHqJdnMRKFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i6q8zP6bQ4CYIypBSSXp03k8Zww=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10968
Expires: Thu, 05 Jan 2023 06:38:51 GMT
Date: Thu, 05 Jan 2023 03:36:03 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10968
Expires: Thu, 05 Jan 2023 06:38:51 GMT
Date: Thu, 05 Jan 2023 03:36:03 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10968
Expires: Thu, 05 Jan 2023 06:38:51 GMT
Date: Thu, 05 Jan 2023 03:36:03 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10968
Expires: Thu, 05 Jan 2023 06:38:51 GMT
Date: Thu, 05 Jan 2023 03:36:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a9375cec16bfe696766c8d373d9b54
2167c2f197dd44558ac2dea500d8b6b3cfa50e83
6f94fe0c817b031d913d53fee6b317148bdabea044102b8f0c9df8a3737d59f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10696
x-amzn-requestid: 2117681b-ee8b-4881-b860-087a8662a3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7xM1FK7oAMFd4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae2f1e-5a3648ba2ac7ba01177f361d;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 00:21:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: q6iynVloHNnImjEwinGPE2aK--d_0Qz8LhHe3a6NqOJhTDhuYjCgrA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 09:17:12 GMT
age: 65931
etag: "2167c2f197dd44558ac2dea500d8b6b3cfa50e83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5507a575-db90-4030-a625-ae482beacb61.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5507a575-db90-4030-a625-ae482beacb61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 165bf3d40f0584e3b9839304ede47c76
27da520440229f2239721371d9338eb81a8b4b93
00075a96a87b16edb302ccc862e0dc9691c7195ac227ae805bc88ebe8dd3ee52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5507a575-db90-4030-a625-ae482beacb61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9690
x-amzn-requestid: eba6ad45-abca-4781-88d0-28514de35851
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePMB5GxGIAMFZcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f3a5-2f3844833b7ead4f7121ae11;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:46:13 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AUNmGdRW5uyYG9Yiwi4ZR7Ss-aD5k5FuDgyHAgnuJgmtG-S2WQ4T6w==
via: 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:57:37 GMT
age: 20306
etag: "27da520440229f2239721371d9338eb81a8b4b93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f22f65ce84ef540224278e198edbe5dd
e64e4d49a0a630036019dbb06a8e5a526323975f
ad334d8c521c61a83836cecc0c2b2e19381d361c75a8f79a2c00536fdad5f4df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7329
x-amzn-requestid: b78bdef1-e211-44e7-b08f-47be8c5ea903
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJWIBGiYoAMF3EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39d66-283f922756ee2b985c85bbb6;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:13:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ndC9iWs4MJqPSlJXAoFBp-DIdCdgMWE7Jx1xY7_z1qoBOqdF6LxMpQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 03:23:52 GMT
age: 731
etag: "e64e4d49a0a630036019dbb06a8e5a526323975f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ce88a04d7f32ce0497bd84db44da8d4
761049019c342553004815ea394dcf282f2cc613
038aa4e5da1428524de833071814998d6c1d8b8b60d4e9c10e60d8a75f7b88fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5601
x-amzn-requestid: 54813ea9-9435-4355-910b-5b4d1eadf2ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGlhgHU1oAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b282d6-17e772ae5b70371367792063;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 07:08:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hB4FJa_z49ZYA_EY_5CH9CVlU2tYkrhayxyWMmR8lNxR10rjfff-MQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:33:02 GMT
age: 72181
etag: "761049019c342553004815ea394dcf282f2cc613"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 008614d302ad57bc6502ad5e07652378
968bc262d2939ec6f0dce9d852682c0aaf86d3d7
5eab9a2591f0f9761ba3b90a5a191b79b6326cccb1ee6b586b00dfc1517c8db6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4248
x-amzn-requestid: 17ccfd69-0d12-42ac-b111-059a68735e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eCutmF7mIAMFW2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0f7f0-5e1653641a0303815656a578;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 03:03:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zxPQmFj8Y1QxN5CKzoPL9l_tBPeokp60xLh7nhRHTWjcdKreTPy01A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:08:57 GMT
age: 73626
etag: "968bc262d2939ec6f0dce9d852682c0aaf86d3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f09f2c-6ba2-47e7-b5e9-ca1acce3a146.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f09f2c-6ba2-47e7-b5e9-ca1acce3a146.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cf33ce3c68b01f0c8f73549306ccfbc
621283dc19de9d911c21e75236b7218fd0096909
f5127032147e1659d3c9ad662b54a857c57020bb8daa4fd9974909b91224cdb8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f09f2c-6ba2-47e7-b5e9-ca1acce3a146.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5872
x-amzn-requestid: 3fef792c-199f-4317-a73f-be0832b978a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eAAvUFDLIAMFZbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afe195-2c1dc89f193aaba84a4563ee;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 07:15:33 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 5Vc5H_cA73sOXSUOy2GsC6UGsQ4kfKhCNmNp7v18Hx45z4onAIa-Cg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:40:15 GMT
age: 71748
etag: "621283dc19de9d911c21e75236b7218fd0096909"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/index.php
65.111.164.41302 Found 3 B URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/index.php
IP 65.111.164.41:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/index.php HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 05 Jan 2023 03:36:02 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000
Location: info.php
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/info.php
65.111.164.41200 OK 6.7 kB URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/info.php
IP 65.111.164.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4940)
Hash e4ca6e09915ffd6adff79a54ad00aa74
dc5a1d3b7f3c4eebc9c7116bc19341a5946f50a6
99792bd009fa0aad080e10398fb9c9b8aea0e69ba3d7f9a7c11a6f909a13f6b5
Analyzer Verdict Alert openphish DHL Airways, Inc.
quad9 Sinkholed
GET /dhlexpilcanda/dhl/info.php HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:36:04 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/js/jquery.js
65.111.164.41200 OK 30 kB URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/js/jquery.js
IP 65.111.164.41:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 863a1ad55c010457822334c94889c6db
393769fda37eb9f5394bcbc50180cf11f1c6537f
5ea43fe3744481e74f9b5bb243bbc718c66cd15264590473016be8c73035deae
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/js/jquery.js HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/info.php
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:36:04 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Sun, 06 May 2018 08:07:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Length: 30248
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/css/main.css
65.111.164.41200 OK 89 kB URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/css/main.css
IP 65.111.164.41:0
File type ASCII text, with very long lines (1142), with CRLF line terminators
Hash cda8d3bc9a911e3734bca1418693d3da
f9cf8a122dcc4d7cc204782c2d7d4eda750598d9
6f7f49c30628c21a62e44946fb18ebf540c7bde91f4e6ca6f55f8a24839f3864
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/css/main.css HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/info.php
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:36:04 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Wed, 25 Nov 2020 19:27:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/glo-footer-logo.svg
65.111.164.41200 OK 12 kB URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/glo-footer-logo.svg
IP 65.111.164.41:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (656)
Hash d1b0e043744fd642282117a03d308b17
d8abe7a0887b804e516c45a344c542e291a1a84b
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/img/glo-footer-logo.svg HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/info.php
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:36:05 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 20 Oct 2020 03:47:04 GMT
Accept-Ranges: bytes
Content-Length: 11968
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/dhl-logo.svg
65.111.164.41200 OK 1.6 kB URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/dhl-logo.svg
IP 65.111.164.41:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3fecc9db35d5d2a9e6e71ab4b02d22e5
628ba2f505b480097445aaf08649a08242bd6847
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/img/dhl-logo.svg HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/info.php
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:36:05 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 20 Oct 2020 03:47:02 GMT
Accept-Ranges: bytes
Content-Length: 1603
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/glo.svg
65.111.164.41200 OK 1.1 kB URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/glo.svg
IP 65.111.164.41:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2675cbe725f294695cebc4a0aaa74505
79f51edb2edae65bc9247438206c09b13512c2db
7b7e4adb65aa53b1bc731f15511c53d5beb73f187d5c5f35f19ebbfaf0decbbd
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/img/glo.svg HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/info.php
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:36:05 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Nov 2020 20:21:58 GMT
Accept-Ranges: bytes
Content-Length: 1104
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/lod.gif
65.111.164.41200 OK 18 kB URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/lod.gif
IP 65.111.164.41:0
File type GIF image data, version 89a, 200 x 103\012- data
Hash f3ffb13cf88b13ec557e6149371b361d
3c72f0855b4bd6e3b45675a5e8b08c8fb7a98f49
ce6a239fde88d8fb01c7a10d6f7b27d1bc23f5462d02f5ebb4927479fa32a302
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/img/lod.gif HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/info.php
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:36:05 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Wed, 21 Oct 2020 02:45:00 GMT
Accept-Ranges: bytes
Content-Length: 17585
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/arrow.svg
65.111.164.41200 OK 311 B URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/arrow.svg
IP 65.111.164.41:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash bf74c2d1662a63c8d94a749fc1a43de1
ee52ec790106e30c1ebb94dd04d672436a38ec08
d8748acb2eead2bb284ccec7029faaa404c1f2bda9cbeae2d777b9033e473a9d
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/img/arrow.svg HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/css/main.css
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:36:05 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Sun, 22 Nov 2020 19:49:48 GMT
Accept-Ranges: bytes
Content-Length: 311
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/assets/fonts/5132a7ca80ea9e18ec8cecc618cf5a0b.woff
65.111.164.41404 Not Found 196 B URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/assets/fonts/5132a7ca80ea9e18ec8cecc618cf5a0b.woff
IP 65.111.164.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/assets/fonts/5132a7ca80ea9e18ec8cecc618cf5a0b.woff HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/css/main.css
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 404 Not Found
Date: Thu, 05 Jan 2023 03:36:05 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/assets/fonts/c2d3739d2debffea340a58b7b8ab3c61.woff
65.111.164.41404 Not Found 196 B URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/assets/fonts/c2d3739d2debffea340a58b7b8ab3c61.woff
IP 65.111.164.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/assets/fonts/c2d3739d2debffea340a58b7b8ab3c61.woff HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/css/main.css
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 404 Not Found
Date: Thu, 05 Jan 2023 03:36:05 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/assets/fonts/d2c082a9f78e61ea7ccefecaca4da8a3.woff
65.111.164.41404 Not Found 196 B URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/assets/fonts/d2c082a9f78e61ea7ccefecaca4da8a3.woff
IP 65.111.164.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/assets/fonts/d2c082a9f78e61ea7ccefecaca4da8a3.woff HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/css/main.css
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 404 Not Found
Date: Thu, 05 Jan 2023 03:36:05 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/assets/fonts/03f859bf58e4d37841070de34be7d978.woff
65.111.164.41404 Not Found 196 B URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/assets/fonts/03f859bf58e4d37841070de34be7d978.woff
IP 65.111.164.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/assets/fonts/03f859bf58e4d37841070de34be7d978.woff HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/css/main.css
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 404 Not Found
Date: Thu, 05 Jan 2023 03:36:05 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/assets/fonts/e39bd2e2657ce5dd6f9c33df18529233.woff
65.111.164.41404 Not Found 196 B URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/assets/fonts/e39bd2e2657ce5dd6f9c33df18529233.woff
IP 65.111.164.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/assets/fonts/e39bd2e2657ce5dd6f9c33df18529233.woff HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/css/main.css
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 404 Not Found
Date: Thu, 05 Jan 2023 03:36:05 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/favicon.ico
65.111.164.41200 OK 1.2 kB URL HTTP/1.1 candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/files/img/favicon.ico
IP 65.111.164.41:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
Analyzer Verdict Alert quad9 Sinkholed
GET /dhlexpilcanda/dhl/files/img/favicon.ico HTTP/1.1
Host: candadhelexprscanda.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://candadhelexprscanda.builderallwppro.com/dhlexpilcanda/dhl/info.php
Cookie: PHPSESSID=7ibivejl77ih07q04ihat9lr7i
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:36:05 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Last-Modified: Fri, 23 Oct 2020 17:46:12 GMT
Accept-Ranges: bytes
Content-Length: 1150
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3b4649b-af64-4a5a-a27f-7ce64e847119.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3b4649b-af64-4a5a-a27f-7ce64e847119.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc016e8d2ccf978fbdda03d25aa5f38d
d1d9d3169fa06ab1f165a7727ceafd70f448bcb1
73ad3ca2406444b064977848842333a9de43499856e899b620dc19d4742c7b16
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3b4649b-af64-4a5a-a27f-7ce64e847119.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4915
x-amzn-requestid: ddf9b16e-ae8d-4772-9e0d-85bfbd3da78c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCNXHGUIAMFuiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a55-5a242201531033f1017e2813;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wOs0JZud8p_7cmNME7SldNYfE0nFIO7A0YU3yCpeKLzNAbi4FDObZw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 06:28:01 GMT
age: 76089
etag: "d1d9d3169fa06ab1f165a7727ceafd70f448bcb1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2