r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 0e93d32de9bcebd3483b40a8fed30718
7e1fe5db1f08b75a079780717e4f18ad76767212
4f0aaacfefd27c89225a1a0d2fbe778ec4f3369b5e4e1599255bf12866196cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F0AAACFEFD27C89225A1A0D2FBE778EC4F3369B5E4E1599255BF12866196CD4"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7902
Expires: Fri, 30 Dec 2022 21:46:11 GMT
Date: Fri, 30 Dec 2022 19:34:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 5c6a87f6d6b5c54dcb1b630ae6001c73
e0315c9936d6f2f58ff7d078e74a8ec7802265a8
d88ef07b9fcfb42d27a490cb57df4adaf3261efc7d0b38246db387da3ca32a8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D88EF07B9FCFB42D27A490CB57DF4ADAF3261EFC7D0B38246DB387DA3CA32A8D"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10540
Expires: Fri, 30 Dec 2022 22:30:09 GMT
Date: Fri, 30 Dec 2022 19:34:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 30 Dec 2022 18:35:33 GMT
content-type: application/json
age: 3536
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 6d6d99cd1201f65eeb7d437b62bad1f3
6d5e41d7a2786ccaad7c7276ecdd9411f8cbd6ba
db2b42007fc4ad126c8af8d7cce27af88947231d09ded56da33cfee3d2594e23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB2B42007FC4AD126C8AF8D7CCE27AF88947231D09DED56DA33CFEE3D2594E23"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7822
Expires: Fri, 30 Dec 2022 21:44:51 GMT
Date: Fri, 30 Dec 2022 19:34:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1uqSiokgh6cC6E2W+F7za/PejDXkigGHy8o5HN4HPNybRJS29DS/Os0ExMxKKxEIie6zxlwIJCE=
x-amz-request-id: WS620YFT55J1MBQA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 30 Dec 2022 18:57:07 GMT
age: 2242
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Dec 2022 19:34:29 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 420a889597c079ab2baf017f5a1fe8b5
404b03ae0d44bef23cc83083749c5e1148e113ee
9a9dbca7a94baa631a73a8de6d92674dc0458bb64646c2b914ba5f3a47129286
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 19:34:30 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Thu, 29 Dec 2022 00:10:26 GMT
Expires: Thu, 05 Jan 2023 00:10:25 GMT
Etag: "404b03ae0d44bef23cc83083749c5e1148e113ee"
Cache-Control: max-age=447954,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 781d369589e7b506-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 30 Dec 2022 19:08:08 GMT
age: 1582
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
delivery.imaginedbyjess.co/public/9yID4v6FOTmQokT2mjqyuL5Hm0PrcEUM
192.232.249.125 302 Found 211 B URL HTTP/2 delivery.imaginedbyjess.co/public/9yID4v6FOTmQokT2mjqyuL5Hm0PrcEUM
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash MD5 8322ad4e37ab2667f34e344e0fae194f
SHA1 33091bc6b878c27c762d4d3035f57538fdf943f1
SHA256 8c50cf66b8c4868fdede8b12228ee536ada58046e0572b7d339f083b2f68a2fc
Analyzer Verdict Alert
urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /public/9yID4v6FOTmQokT2mjqyuL5Hm0PrcEUM HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
cache-control: no-cache, private
date: Fri, 30 Dec 2022 19:34:30 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IjNnc24rSHhET09rejd4ZDZrV0NOWXc9PSIsInZhbHVlIjoiQ1hzNHZJck05MGpsdmx6Qmx0SVNpYUFGdWhhS2Mra2dOdHdRYk1hbkU0RUl4UXRMTDBoemx0Z3VpdzdERzYzc2hEUmtJQjZ0V0lPRWhsY09wa0NieWtHbkE2cHQwS0ovbGxVaHplSkJWcjBQcDFQamh3Njh0anlBZzk4Vk9Qc0ciLCJtYWMiOiJjYWMxMzYxMjc1YjhlNDQwYzdkZWQ0NzQyODhkOThjMjFjYWYxMTcwYTY4NjhkZGEzNWIxNmQ5MGY2NDNlMzMyIiwidGFnIjoiIn0%3D; expires=Fri, 30-Dec-2022 21:34:30 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjFNSzJYejBxRWNjVjQ3V1lIVjhERFE9PSIsInZhbHVlIjoiUFcvaFBHRnJjKzdxTDltT0U4NXVhbFZjQ3I2RFJSYnpBeDlhZ0RWTkw3NEo1SlpnZUE4YTRYMVIwTXVIeERueC9NZnFJZ0NWU2pOcHFpajhNOG16Q1VZak1HVlR3dFBoWGhLcElsdWhoL1V2VGp4ZlFlS1hJOHY2OFFQNTR5TUMiLCJtYWMiOiI5YmE4Mjg5ODY5NThmODFkN2UzMjhlMjYzMzhiZGQ4ZTI5YTg5NmRmNzRhYzIxMzk1ODNjNjAzN2MyOWZhMTc5IiwidGFnIjoiIn0%3D; expires=Fri, 30-Dec-2022 21:34:30 GMT; Max-Age=7200; path=/; httponly; samesite=lax
location: https://delivery.imaginedbyjess.co/public
vary: Accept-Encoding
content-encoding: gzip
content-length: 211
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 553f97ab8a2c2f1abe4ee932cf6dab42
9e9433075523efb0cf7d13b6811d237c4b48f099
8a7c26f298fb34ec9d5cbd977a2677118b9360ad3134bb56171c13d4d13da540
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 59
Cache-Control: max-age=135196
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 19:34:30 GMT
Etag: "63aeaa27-1d7"
Expires: Sun, 01 Jan 2023 09:07:46 GMT
Last-Modified: Fri, 30 Dec 2022 09:06:47 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
delivery.imaginedbyjess.co/public
192.232.249.125 301 Moved Permanently 250 B URL HTTP/2 delivery.imaginedbyjess.co/public
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash MD5 2fb079c92edf1a882220b7157b0fcd2e
SHA1 8812e755554289f4dc49156fe827534cd660c1f9
SHA256 d1213278df118db5d290b558ec725c11c7bef8d19d0bf9a01b72ed568aea31ef
Analyzer Verdict Alert
urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /public HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjNnc24rSHhET09rejd4ZDZrV0NOWXc9PSIsInZhbHVlIjoiQ1hzNHZJck05MGpsdmx6Qmx0SVNpYUFGdWhhS2Mra2dOdHdRYk1hbkU0RUl4UXRMTDBoemx0Z3VpdzdERzYzc2hEUmtJQjZ0V0lPRWhsY09wa0NieWtHbkE2cHQwS0ovbGxVaHplSkJWcjBQcDFQamh3Njh0anlBZzk4Vk9Qc0ciLCJtYWMiOiJjYWMxMzYxMjc1YjhlNDQwYzdkZWQ0NzQyODhkOThjMjFjYWYxMTcwYTY4NjhkZGEzNWIxNmQ5MGY2NDNlMzMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjFNSzJYejBxRWNjVjQ3V1lIVjhERFE9PSIsInZhbHVlIjoiUFcvaFBHRnJjKzdxTDltT0U4NXVhbFZjQ3I2RFJSYnpBeDlhZ0RWTkw3NEo1SlpnZUE4YTRYMVIwTXVIeERueC9NZnFJZ0NWU2pOcHFpajhNOG16Q1VZak1HVlR3dFBoWGhLcElsdWhoL1V2VGp4ZlFlS1hJOHY2OFFQNTR5TUMiLCJtYWMiOiI5YmE4Mjg5ODY5NThmODFkN2UzMjhlMjYzMzhiZGQ4ZTI5YTg5NmRmNzRhYzIxMzk1ODNjNjAzN2MyOWZhMTc5IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 301 Moved Permanently
location: https://delivery.imaginedbyjess.co/public/
content-length: 250
content-type: text/html; charset=iso-8859-1
date: Fri, 30 Dec 2022 19:34:30 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.187.31.159 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.31.159:0
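Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of empty input, consistent with the 0 B body of this 101 response; they identify no content and are not usable as indicators.)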
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7u8bF1NfYdKAX0jurH8IOQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GD5MLyAEuh6wE2fzhcLtV7Rxw8I=
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5357
Expires: Fri, 30 Dec 2022 21:03:48 GMT
Date: Fri, 30 Dec 2022 19:34:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5357
Expires: Fri, 30 Dec 2022 21:03:48 GMT
Date: Fri, 30 Dec 2022 19:34:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5357
Expires: Fri, 30 Dec 2022 21:03:48 GMT
Date: Fri, 30 Dec 2022 19:34:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2de568-8b33-4d12-9106-7572f02ecbb1.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2de568-8b33-4d12-9106-7572f02ecbb1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 31d49f75781806f50df72ef4fdaa58f5
dc95fbf5234792c673e8167db1c6bbbbe037e65a
ddc369bfd6a15cfa1bc16a4d36e67a96aefca71fbb37c5736ebdf4577a2bd232
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2de568-8b33-4d12-9106-7572f02ecbb1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10251
x-amzn-requestid: b3548ad3-066b-4908-828e-857d14028fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZUtH09IAMFmgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae08ea-32d0ae852ae4332751a274d3;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:38:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LL7xpalzGYAFomhGYwmo_aapLDsrd5_xwCEbZNyJveTL3-Qttzfwvg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:11:59 GMT
age: 76952
etag: "dc95fbf5234792c673e8167db1c6bbbbe037e65a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5357
Expires: Fri, 30 Dec 2022 21:03:48 GMT
Date: Fri, 30 Dec 2022 19:34:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9d1857128ab6a237e6854c7a3532b51
702ab1eb38be637f012e1454201b9a7561c29081
48fbf5b5aa1cf66fcdaafe68c72ac073d2ba9b6dedf76ebfaafdc88836fa0fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4833
x-amzn-requestid: 46ef49d7-dadb-4665-84bf-1c331ed8fce6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZU2E3IIAMFxAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae08eb-28af0ab9094d7c21560a60db;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YyIKd_GHAixWYqzjn0XD2Jwal3Jt62L90StfgPkCkJWU3RQml-u6oA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:01:39 GMT
age: 77572
etag: "702ab1eb38be637f012e1454201b9a7561c29081"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0f02288213f270c5a4a8944107c81e9
d17f3594e4aa86aa1b28849bbc3c7f1d45d938ea
770e6cc997aafc1c0485af4fa413fa255868a5d333e8e60e7de90b4c74bf29bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b72d4d2-0340-4f3f-9cb2-a0ff1e1ece28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8494
x-amzn-requestid: 8dc4c6ae-ecb5-427d-be0a-535585f19b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZUXHR1IAMFn4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae08e8-326ee70106b8fa9d2c4d540b;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:38:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fR6Tky8KiadgDTqrGN7QKIldTbOm8rIxJXZOtT6FyjBC6gafdCd33A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:01:38 GMT
age: 77574
etag: "d17f3594e4aa86aa1b28849bbc3c7f1d45d938ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e270e4d21abb133d068a56a552b1708
2d5c698f982dcdb9a86de4e45e30d7caf9b42336
723573f9908c5a2aa1d3dfe1146a764d7052c866ff2076a9096daccf5697328b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11775
x-amzn-requestid: 5a37b577-ac86-4cab-a580-865059074844
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7aqKGzTIAMFmIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0b0d-7de39bba5583d757794dbd9e;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:47:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4OqJ-KiLeDe3iVqhLUhzcqiWrDHc3sZa808qTuPMDLdhP6FOFdGhkg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:10:15 GMT
etag: "2d5c698f982dcdb9a86de4e45e30d7caf9b42336"
content-type: image/jpeg
age: 77057
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26073be1-1851-4348-a892-ee39e3b6f635.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26073be1-1851-4348-a892-ee39e3b6f635.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9f3c92ff3db8e0ec87e86aa28346ea5
c4cc987d54675d9285b43954ab8f010e5a258d9e
94be9c845c6373424c519720e61e2a1397f7390028d43dcdbf536686a7740b6b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26073be1-1851-4348-a892-ee39e3b6f635.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9569
x-amzn-requestid: 5e67dc3c-470b-4b8e-a2fd-0a7ae7ade4dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d21gLHgLIAMFygQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ac3600-6317a97c21aae4fc13cdd27b;Sampled=0
x-amzn-remapped-date: Wed, 28 Dec 2022 12:26:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xScDAd-p3iFuIWh0vmyGngwsfeLiYAB9iae-rbakrgil9cLtKWejRw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 21:46:54 GMT
age: 78458
etag: "c4cc987d54675d9285b43954ab8f010e5a258d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ebe131c7787411178a93d045ba57b5a
40b601b6ad3a3d7738b5b55777981598f4dc0519
68ea133b346bd1f76cd7b4dcf5023d8f987935dff380bacec73dec957effb97e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11516
x-amzn-requestid: e4e9ceeb-b2e5-454f-9550-d412fc0be82a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7aRLGuqoAMF3JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0a6d-6ed43b46144121dc2dd7db2f;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:45:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k0PrvFSOqoZYQXx_0QjokoJbSVcXMpPcLFw2qrfQvyvegLMw4rghTA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:16:26 GMT
age: 76686
etag: "40b601b6ad3a3d7738b5b55777981598f4dc0519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
delivery.imaginedbyjess.co/public/
192.232.249.125 200 OK 363 B URL HTTP/2 delivery.imaginedbyjess.co/public/
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash dba9244783c14a4e5935b44e335601d8
1eda801fa957139b703af41ec10eff23165e03ba
7753371b2ec3aa4f4094cbb114bdc5ea12245242c95f61e113a0be44bc0c4927
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public/ HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjNnc24rSHhET09rejd4ZDZrV0NOWXc9PSIsInZhbHVlIjoiQ1hzNHZJck05MGpsdmx6Qmx0SVNpYUFGdWhhS2Mra2dOdHdRYk1hbkU0RUl4UXRMTDBoemx0Z3VpdzdERzYzc2hEUmtJQjZ0V0lPRWhsY09wa0NieWtHbkE2cHQwS0ovbGxVaHplSkJWcjBQcDFQamh3Njh0anlBZzk4Vk9Qc0ciLCJtYWMiOiJjYWMxMzYxMjc1YjhlNDQwYzdkZWQ0NzQyODhkOThjMjFjYWYxMTcwYTY4NjhkZGEzNWIxNmQ5MGY2NDNlMzMyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjFNSzJYejBxRWNjVjQ3V1lIVjhERFE9PSIsInZhbHVlIjoiUFcvaFBHRnJjKzdxTDltT0U4NXVhbFZjQ3I2RFJSYnpBeDlhZ0RWTkw3NEo1SlpnZUE4YTRYMVIwTXVIeERueC9NZnFJZ0NWU2pOcHFpajhNOG16Q1VZak1HVlR3dFBoWGhLcElsdWhoL1V2VGp4ZlFlS1hJOHY2OFFQNTR5TUMiLCJtYWMiOiI5YmE4Mjg5ODY5NThmODFkN2UzMjhlMjYzMzhiZGQ4ZTI5YTg5NmRmNzRhYzIxMzk1ODNjNjAzN2MyOWZhMTc5IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, private
date: Fri, 30 Dec 2022 19:34:30 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6Imh6SkJVUzhGcVJ5S2NKNmIxV3d5MkE9PSIsInZhbHVlIjoiWEhRSmNFbERPcCtuaFJWVngzSXVDL2Vqb0djOW9aTHVrbjQyeHdXWWxadjJjeXl2WCtuUEJQUkdYMFQzUlY4RXp0eVZJOVp1ZUMxbnd4a294dnlOWmZLV0pvb0RvUFVpOUo3Rmxkb0JUZUd2dXVheGFNZmM5cXJiZVdsWUc4dFUiLCJtYWMiOiIyYjdiNDg0ZmNlNTNjODI4ZThkOTRkODEwZjJhMWY5OGRiNmFkZThiMjNmMTA2MjM5NDY3YmU5MTc3YjczYjc5IiwidGFnIjoiIn0%3D; expires=Fri, 30-Dec-2022 21:34:32 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IlZHSzJaUHluOEVGaEduYi9pOFFSZ2c9PSIsInZhbHVlIjoiUzgxZVRzUVV2aldZcHFBQlNRQldoQWQzWFdQbDV4cWV4eTJ5ZXFkL0xEc09EeVFuOURzRFpSNU1TNmRaUXYrcVJja043WmM1M1RuaVQyWEY5N29VVk5MeHMzRVZpdTRoQjRpTUwxUWlEckJRU2IvakZGalBWVjg3V21pQ1Y4MSsiLCJtYWMiOiIxZTljMGVmMGJmMGVmNGRlODg4YzEzN2I0Y2Y5OTMwZmE3ODdiNzM0MWExZThiYmUxYTM3MDBlN2U5NzY3ZDU0IiwidGFnIjoiIn0%3D; expires=Fri, 30-Dec-2022 21:34:32 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
content-length: 363
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash ee4910b0796e73c90509d3b38a3d2bb1
ace65518cd3e8239a79113f4949bf1183e87facd
afd28b2b01a8ddb204c2709d25a69a8914498c7f20059ff1cd8c1f5576feab3f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5367
Cache-Control: max-age=170737
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 19:34:32 GMT
Etag: "63af2042-117"
Expires: Sun, 01 Jan 2023 19:00:09 GMT
Last-Modified: Fri, 30 Dec 2022 17:30:42 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
104.16.87.20 200 OK 1.5 kB URL HTTP/2 cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
IP 104.16.87.20:0
File type ASCII text, with very long lines (2400)
Hash c8a4c193b9854708db49ce385a18d9ce
74e23db06c781c714f5307ac391e27b2bacce706
de3b83ab03226aec1f1a3b71e5799d138ecacdc38ca0491c2da321899f04641c
GET /gh/killbot-org/Killbot-JS@latest/dist/main.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 19:34:32 GMT
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"a7c-kmbumraAtj1yBda8Zbl2dRPRYqU"
x-served-by: cache-fra19138-FRA, cache-yyz4558-YYZ
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 30734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEHzlN7xsIK0FqwkgqufqcGYoSc8DxfjaTK5uT1U5vpw0eptmEAeQCOBQb%2FK1Esi8tCqHhRK3UwdiurYI12P6Uy6Q25S1d%2FUgCP8NUVuy4a7v0RLgNhcM3UH4c91Akss5MU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 781d36a3afd1b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
delivery.imaginedbyjess.co/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA/
192.232.249.125 301 Moved Permanently 282 B URL HTTP/2 delivery.imaginedbyjess.co/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA/
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4e1ff0cc9566a7f4b35941f056c8c5dc
dce7d6a0dbe3933d1982c35d36ab0e2cbc256539
ff123174badf5a97e2259bef58e858169ffc3819be010235af9a6523ef1cf12f
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA/ HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/public/
Cookie: XSRF-TOKEN=eyJpdiI6Imh6SkJVUzhGcVJ5S2NKNmIxV3d5MkE9PSIsInZhbHVlIjoiWEhRSmNFbERPcCtuaFJWVngzSXVDL2Vqb0djOW9aTHVrbjQyeHdXWWxadjJjeXl2WCtuUEJQUkdYMFQzUlY4RXp0eVZJOVp1ZUMxbnd4a294dnlOWmZLV0pvb0RvUFVpOUo3Rmxkb0JUZUd2dXVheGFNZmM5cXJiZVdsWUc4dFUiLCJtYWMiOiIyYjdiNDg0ZmNlNTNjODI4ZThkOTRkODEwZjJhMWY5OGRiNmFkZThiMjNmMTA2MjM5NDY3YmU5MTc3YjczYjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlZHSzJaUHluOEVGaEduYi9pOFFSZ2c9PSIsInZhbHVlIjoiUzgxZVRzUVV2aldZcHFBQlNRQldoQWQzWFdQbDV4cWV4eTJ5ZXFkL0xEc09EeVFuOURzRFpSNU1TNmRaUXYrcVJja043WmM1M1RuaVQyWEY5N29VVk5MeHMzRVZpdTRoQjRpTUwxUWlEckJRU2IvakZGalBWVjg3V21pQ1Y4MSsiLCJtYWMiOiIxZTljMGVmMGJmMGVmNGRlODg4YzEzN2I0Y2Y5OTMwZmE3ODdiNzM0MWExZThiYmUxYTM3MDBlN2U5NzY3ZDU0IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
location: https://delivery.imaginedbyjess.co/public/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA
content-length: 282
content-type: text/html; charset=iso-8859-1
date: Fri, 30 Dec 2022 19:34:32 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 96f0211f2452ba472ec14367c3f2d378
0f6c2933e4b732786990c60c191df4320e4c6f18
1f8fb4ee784e9d7f4fbbed5d3b946fca1b971c529a9638de454908ebff336958
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5079
Cache-Control: max-age=151016
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 19:34:33 GMT
Etag: "63aed45a-1d7"
Expires: Sun, 01 Jan 2023 13:31:29 GMT
Last-Modified: Fri, 30 Dec 2022 12:06:50 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 0392f0e9c253dae04f19ef37531fcc0e
c2fd1a3c7864c3075c199211e7b91823fad598dd
7a6af978c12295b95496d49a46df9a4b474d24ee91acad34d1220883000e9eac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3126
Cache-Control: max-age=92569
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 19:34:33 GMT
Etag: "63adf7ac-117"
Expires: Sat, 31 Dec 2022 21:17:22 GMT
Last-Modified: Thu, 29 Dec 2022 20:25:16 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14 200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 19:34:33 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 772946
expires: Wed, 20 Dec 2023 19:34:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6er94RbMez8XyRvecjzteACJ9Jn7Fgji5DobUNqZ7QgV1%2B4eSXAbSw%2BNFSRrvnCiB37gdLy%2FHoKaBVKgYT8xDWmfFVph6V2SK7oXHtu0gR9%2FffucoKObK8bnw95%2FJ1%2FlbuDf1f14"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 781d36a86a11b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 0392f0e9c253dae04f19ef37531fcc0e
c2fd1a3c7864c3075c199211e7b91823fad598dd
7a6af978c12295b95496d49a46df9a4b474d24ee91acad34d1220883000e9eac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3566
Cache-Control: max-age=93009
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 19:34:33 GMT
Etag: "63adf7ac-117"
Expires: Sat, 31 Dec 2022 21:24:42 GMT
Last-Modified: Thu, 29 Dec 2022 20:25:16 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash c12986dd5b9c878b5ff81b407a572a63
d3e7fbc7598314dfd86682c7142b53e0bff08db0
45b88b06a4404a6bf02061ee1d391b11e71e34702007f925bfb6a608493848c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3334
Cache-Control: max-age=140619
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 19:34:33 GMT
Etag: "63aeb28e-116"
Expires: Sun, 01 Jan 2023 10:38:12 GMT
Last-Modified: Fri, 30 Dec 2022 09:42:38 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 23b72801078f215d4ace26c19848dcdf
dbef51078710560635566ba98745b063f0934575
415bb2b8d0b92bceb183bc87c5fb0d06ab13ecea8de41d29d0bf0306b9cce250
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6372
Cache-Control: max-age=159540
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 19:34:33 GMT
Etag: "63aef099-116"
Expires: Sun, 01 Jan 2023 15:53:33 GMT
Last-Modified: Fri, 30 Dec 2022 14:07:21 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 23b72801078f215d4ace26c19848dcdf
dbef51078710560635566ba98745b063f0934575
415bb2b8d0b92bceb183bc87c5fb0d06ab13ecea8de41d29d0bf0306b9cce250
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2979
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 19:34:33 GMT
Last-Modified: Fri, 30 Dec 2022 18:44:54 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 23b72801078f215d4ace26c19848dcdf
dbef51078710560635566ba98745b063f0934575
415bb2b8d0b92bceb183bc87c5fb0d06ab13ecea8de41d29d0bf0306b9cce250
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6372
Cache-Control: max-age=159540
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 19:34:33 GMT
Etag: "63aef099-116"
Expires: Sun, 01 Jan 2023 15:53:33 GMT
Last-Modified: Fri, 30 Dec 2022 14:07:21 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
kit.fontawesome.com/f7165dd215.js
104.18.23.52 200 OK 27 kB URL HTTP/2 kit.fontawesome.com/f7165dd215.js
IP 104.18.23.52:0
Hash 39649c63ccab678eb2a2ee9b389c12c7
81e7e0ebf39d5fc5be28711f54a04678b045cef7
1bb863b58ff76aa3ad72c3b0c4b56052f6c16c8e2d491ea29788812e1983b436
GET /f7165dd215.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://delivery.imaginedbyjess.co
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 19:34:33 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyfUxJk0JeDS60gBPMdi
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 781d36a85bfcb4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
delivery.imaginedbyjess.co/images/all.png
192.232.249.125 200 OK 12 kB URL HTTP/2 delivery.imaginedbyjess.co/images/all.png
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 123 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb0b7f615faf2deb9ec6f53d3149a3b
694a2c881c83e2ab86365bf1d16302ac5b9d500f
c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
openphish DHL Airways, Inc.
GET /images/all.png HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/public/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA
Cookie: XSRF-TOKEN=eyJpdiI6Ik96U3BUUTlQazNmNjhWaDRVcngwd0E9PSIsInZhbHVlIjoieHRwQ1JsVmFLb0FWRG1xblR0ZCs5bXVpWTJqMGdvUjNyNDZWRC84cDhTNkduK1ZKT3JOVnlaNTNHYVRYbEQ0Y2xDci96Vk5qZTR5a2RxUjlXdGtCWDdUWGNHcjJZdmp3UmU2Y3dQYnREOE1Tc2JZamNUeEptdzhDd1NrZlVZL3oiLCJtYWMiOiJhN2Y2ZWFlMWY3OThiMjk1MGFiMWQyMjZjMDJkZDMyNTExZjBhZTliN2QyNDM4NjRiZjdkNDc1MWY5MzRmNDhlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkQvakNFK3hMYVFiRkJya2JRdkp5N2c9PSIsInZhbHVlIjoiYTBNT1NsM1dobFpRcXRHYndKMG4xc0orUWJOOXo5WVJFcGV6TFZoOERRS2ppZzlpTm1xTit2c08yMlk1Q2tPRWJyMXZCZjRTWkI3bVhuU2ZDcW85YzdVM2xkbTNPMkpPd2xXaFdEYUV0b0pxeXZiQ3UyajBuOGMzUE9aVFlYVzUiLCJtYWMiOiI1ODA4YjAyOTk4NDY5MWJiZTliYjM1MzQyNTJhYTkzNzU2ZjE5NzMzYmViNTkyMmQxMTQ4ZGI3NThjMzgzNjBiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 17 Apr 2022 14:24:34 GMT
accept-ranges: bytes
content-length: 12499
content-type: image/png
date: Fri, 30 Dec 2022 19:34:33 GMT
server: Apache
X-Firefox-Spdy: h2
delivery.imaginedbyjess.co/public/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA
192.232.249.125 200 OK 20 kB URL HTTP/2 delivery.imaginedbyjess.co/public/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 570d19c12de6dcf90f911cf8843a8766
cab25dfb5a58f83b531d0761cd8a0052f9518f35
a86d1e484ebf700d2d3b2d4ddf29b0e463c0c084fac2b5c928098bc691129b99
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delivery.imaginedbyjess.co/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Imh6SkJVUzhGcVJ5S2NKNmIxV3d5MkE9PSIsInZhbHVlIjoiWEhRSmNFbERPcCtuaFJWVngzSXVDL2Vqb0djOW9aTHVrbjQyeHdXWWxadjJjeXl2WCtuUEJQUkdYMFQzUlY4RXp0eVZJOVp1ZUMxbnd4a294dnlOWmZLV0pvb0RvUFVpOUo3Rmxkb0JUZUd2dXVheGFNZmM5cXJiZVdsWUc4dFUiLCJtYWMiOiIyYjdiNDg0ZmNlNTNjODI4ZThkOTRkODEwZjJhMWY5OGRiNmFkZThiMjNmMTA2MjM5NDY3YmU5MTc3YjczYjc5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlZHSzJaUHluOEVGaEduYi9pOFFSZ2c9PSIsInZhbHVlIjoiUzgxZVRzUVV2aldZcHFBQlNRQldoQWQzWFdQbDV4cWV4eTJ5ZXFkL0xEc09EeVFuOURzRFpSNU1TNmRaUXYrcVJja043WmM1M1RuaVQyWEY5N29VVk5MeHMzRVZpdTRoQjRpTUwxUWlEckJRU2IvakZGalBWVjg3V21pQ1Y4MSsiLCJtYWMiOiIxZTljMGVmMGJmMGVmNGRlODg4YzEzN2I0Y2Y5OTMwZmE3ODdiNzM0MWExZThiYmUxYTM3MDBlN2U5NzY3ZDU0IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, private
date: Fri, 30 Dec 2022 19:34:32 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6Ik96U3BUUTlQazNmNjhWaDRVcngwd0E9PSIsInZhbHVlIjoieHRwQ1JsVmFLb0FWRG1xblR0ZCs5bXVpWTJqMGdvUjNyNDZWRC84cDhTNkduK1ZKT3JOVnlaNTNHYVRYbEQ0Y2xDci96Vk5qZTR5a2RxUjlXdGtCWDdUWGNHcjJZdmp3UmU2Y3dQYnREOE1Tc2JZamNUeEptdzhDd1NrZlVZL3oiLCJtYWMiOiJhN2Y2ZWFlMWY3OThiMjk1MGFiMWQyMjZjMDJkZDMyNTExZjBhZTliN2QyNDM4NjRiZjdkNDc1MWY5MzRmNDhlIiwidGFnIjoiIn0%3D; expires=Fri, 30-Dec-2022 21:34:32 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IkQvakNFK3hMYVFiRkJya2JRdkp5N2c9PSIsInZhbHVlIjoiYTBNT1NsM1dobFpRcXRHYndKMG4xc0orUWJOOXo5WVJFcGV6TFZoOERRS2ppZzlpTm1xTit2c08yMlk1Q2tPRWJyMXZCZjRTWkI3bVhuU2ZDcW85YzdVM2xkbTNPMkpPd2xXaFdEYUV0b0pxeXZiQ3UyajBuOGMzUE9aVFlYVzUiLCJtYWMiOiI1ODA4YjAyOTk4NDY5MWJiZTliYjM1MzQyNTJhYTkzNzU2ZjE5NzMzYmViNTkyMmQxMTQ4ZGI3NThjMzgzNjBiIiwidGFnIjoiIn0%3D; expires=Fri, 30-Dec-2022 21:34:32 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215
172.64.169.22 200 OK 82 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215
IP 172.64.169.22:0
File type ASCII text, with very long lines (27377)
Hash 1a4d74e10c54801594b0c67a028e5b47
d9a3e9b5214cf764c284c9221d3882ab7bc16289
cb87641d761ce4ba3f6123c4977edb44528347b35cb17411d27f527e01e2e631
GET /releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delivery.imaginedbyjess.co/
Origin: https://delivery.imaginedbyjess.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 19:34:33 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
etag: W/"0d00741459c51dd7330d97cd19326a7b"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 674e965f3d2af64c7723a159d4fcb6b4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: WPIsUnDqhaeIRlgXuZgytL4WguUxCR38-gt4rNKnV5e188eUtC7UPQ==
age: 2476376
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6eZLRrFES3BqMXOY4TgT1bJ6Ga7pgaFh4QAeROFnpqiL%2FTHdVWmmzKmsc%2B6pGmuRCAToVIQ1hJzEtlv0DTHWxQloMo4ZUKbJksEd3ZGqcNEnBVlEd7P4Yi6dzIztDn4LnGtHjkMoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 781d36aa5c5273f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash c12986dd5b9c878b5ff81b407a572a63
d3e7fbc7598314dfd86682c7142b53e0bff08db0
45b88b06a4404a6bf02061ee1d391b11e71e34702007f925bfb6a608493848c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3335
Cache-Control: max-age=140619
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 19:34:34 GMT
Etag: "63aeb28e-116"
Expires: Sun, 01 Jan 2023 10:38:13 GMT
Last-Modified: Fri, 30 Dec 2022 09:42:38 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
delivery.imaginedbyjess.co/images/foo.png
192.232.249.125 404 Not Found 2.4 kB URL HTTP/2 delivery.imaginedbyjess.co/images/foo.png
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 2c59a78d307edd82bedad546b353034f
e6d48d6a80e3a9fcb75687428c10e9a2a09da60c
cb0e78ab14ec80aebcd936d81db6f357ef32a656ebd65a4c1455cb2ca21244cd
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
openphish DHL Airways, Inc.
GET /images/foo.png HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/public/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA
Cookie: XSRF-TOKEN=eyJpdiI6Ik96U3BUUTlQazNmNjhWaDRVcngwd0E9PSIsInZhbHVlIjoieHRwQ1JsVmFLb0FWRG1xblR0ZCs5bXVpWTJqMGdvUjNyNDZWRC84cDhTNkduK1ZKT3JOVnlaNTNHYVRYbEQ0Y2xDci96Vk5qZTR5a2RxUjlXdGtCWDdUWGNHcjJZdmp3UmU2Y3dQYnREOE1Tc2JZamNUeEptdzhDd1NrZlVZL3oiLCJtYWMiOiJhN2Y2ZWFlMWY3OThiMjk1MGFiMWQyMjZjMDJkZDMyNTExZjBhZTliN2QyNDM4NjRiZjdkNDc1MWY5MzRmNDhlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkQvakNFK3hMYVFiRkJya2JRdkp5N2c9PSIsInZhbHVlIjoiYTBNT1NsM1dobFpRcXRHYndKMG4xc0orUWJOOXo5WVJFcGV6TFZoOERRS2ppZzlpTm1xTit2c08yMlk1Q2tPRWJyMXZCZjRTWkI3bVhuU2ZDcW85YzdVM2xkbTNPMkpPd2xXaFdEYUV0b0pxeXZiQ3UyajBuOGMzUE9aVFlYVzUiLCJtYWMiOiI1ODA4YjAyOTk4NDY5MWJiZTliYjM1MzQyNTJhYTkzNzU2ZjE5NzMzYmViNTkyMmQxMTQ4ZGI3NThjMzgzNjBiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Fri, 30 Dec 2022 19:34:33 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2414
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
delivery.imaginedbyjess.co/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
192.232.249.125 404 Not Found 16 kB URL HTTP/2 delivery.imaginedbyjess.co/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c7067544df49e5f372e01606bfb28b91
0b59acb8e07be514da816a89ab695085a6996b98
b788d9ed056917902ea9cb062320c06d9ffc2d6eac79f8a92775233453595d0e
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik96U3BUUTlQazNmNjhWaDRVcngwd0E9PSIsInZhbHVlIjoieHRwQ1JsVmFLb0FWRG1xblR0ZCs5bXVpWTJqMGdvUjNyNDZWRC84cDhTNkduK1ZKT3JOVnlaNTNHYVRYbEQ0Y2xDci96Vk5qZTR5a2RxUjlXdGtCWDdUWGNHcjJZdmp3UmU2Y3dQYnREOE1Tc2JZamNUeEptdzhDd1NrZlVZL3oiLCJtYWMiOiJhN2Y2ZWFlMWY3OThiMjk1MGFiMWQyMjZjMDJkZDMyNTExZjBhZTliN2QyNDM4NjRiZjdkNDc1MWY5MzRmNDhlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkQvakNFK3hMYVFiRkJya2JRdkp5N2c9PSIsInZhbHVlIjoiYTBNT1NsM1dobFpRcXRHYndKMG4xc0orUWJOOXo5WVJFcGV6TFZoOERRS2ppZzlpTm1xTit2c08yMlk1Q2tPRWJyMXZCZjRTWkI3bVhuU2ZDcW85YzdVM2xkbTNPMkpPd2xXaFdEYUV0b0pxeXZiQ3UyajBuOGMzUE9aVFlYVzUiLCJtYWMiOiI1ODA4YjAyOTk4NDY5MWJiZTliYjM1MzQyNTJhYTkzNzU2ZjE5NzMzYmViNTkyMmQxMTQ4ZGI3NThjMzgzNjBiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Fri, 30 Dec 2022 19:34:34 GMT
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
delivery.imaginedbyjess.co/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
192.232.249.125 404 Not Found 16 kB URL HTTP/2 delivery.imaginedbyjess.co/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c7067544df49e5f372e01606bfb28b91
0b59acb8e07be514da816a89ab695085a6996b98
b788d9ed056917902ea9cb062320c06d9ffc2d6eac79f8a92775233453595d0e
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik96U3BUUTlQazNmNjhWaDRVcngwd0E9PSIsInZhbHVlIjoieHRwQ1JsVmFLb0FWRG1xblR0ZCs5bXVpWTJqMGdvUjNyNDZWRC84cDhTNkduK1ZKT3JOVnlaNTNHYVRYbEQ0Y2xDci96Vk5qZTR5a2RxUjlXdGtCWDdUWGNHcjJZdmp3UmU2Y3dQYnREOE1Tc2JZamNUeEptdzhDd1NrZlVZL3oiLCJtYWMiOiJhN2Y2ZWFlMWY3OThiMjk1MGFiMWQyMjZjMDJkZDMyNTExZjBhZTliN2QyNDM4NjRiZjdkNDc1MWY5MzRmNDhlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkQvakNFK3hMYVFiRkJya2JRdkp5N2c9PSIsInZhbHVlIjoiYTBNT1NsM1dobFpRcXRHYndKMG4xc0orUWJOOXo5WVJFcGV6TFZoOERRS2ppZzlpTm1xTit2c08yMlk1Q2tPRWJyMXZCZjRTWkI3bVhuU2ZDcW85YzdVM2xkbTNPMkpPd2xXaFdEYUV0b0pxeXZiQ3UyajBuOGMzUE9aVFlYVzUiLCJtYWMiOiI1ODA4YjAyOTk4NDY5MWJiZTliYjM1MzQyNTJhYTkzNzU2ZjE5NzMzYmViNTkyMmQxMTQ4ZGI3NThjMzgzNjBiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Fri, 30 Dec 2022 19:34:34 GMT
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2895475.js?sv=6
143.204.55.84 200 OK 72 kB URL HTTP/2 static.hotjar.com/c/hotjar-2895475.js?sv=6
IP 143.204.55.84:0
File type ASCII text, with very long lines (7679)
Hash a1296a4d3d74801d9319249319053a74
5330bef156c8c1641f0ee43219c9a598cbe5b9cb
1f65ec183dff7b545c09b95b6bcc987c4e49c9c72774e76f2e7e40372c3c4f09
GET /c/hotjar-2895475.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 19:34:35 GMT
cache-control: max-age=60
etag: W/11f3e859a4ea83eed622d27c39427042
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _QcuJToWYcIoSZja_02G_Gx_DFNFcLljIvLTQNVdxxPMy-L_OMK3fQ==
age: 11
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-brands-400.woff2
172.64.169.22 200 OK 108 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-brands-400.woff2
IP 172.64.169.22:0
File type Web Open Font Format (Version 2), TrueType, length 107656, version 770.768\012- data
Size 108 kB (107656 bytes)
Hash d3c93d772e2ec6d8c7c7e726f92a7dbf
4bed608cc63253a50fe7e1abbb28396066902d0e
4f04c94b287d7dfdfad36e60915eefbef7127a073546e6c21512b5052c6ac48d
GET /releases/v6.2.1/webfonts/free-fa-brands-400.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://delivery.imaginedbyjess.co
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 30 Dec 2022 19:34:36 GMT
content-type: font/woff2
content-length: 107656
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:15:23 GMT
etag: "d3c93d772e2ec6d8c7c7e726f92a7dbf"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 b5a534d08b2c383ce078e25aff3f2348.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: KSLjnwEa5j1CNJr8Tkd8axPzf4jXFohQk3umbbFBBa3KZKel-Q_5Uw==
age: 318590
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdyjynrMIk0XNKuqSe0fQja%2Bu586EPVQrnszNHMNFQWjoWcb6arzpn6WKtXfHMkfn7h9o3ebYgDmEhafXyLNHNni0KaSjRHOUzdjF4P8eCW1V%2FVlHgXMUOh1cR26yHFYXY4Ga4RwKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 781d36bb281d73f3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
delivery.imaginedbyjess.co/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
192.232.249.125 404 Not Found 164 kB URL HTTP/2 delivery.imaginedbyjess.co/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 164 kB (163718 bytes)
Hash 5151898028498f3785be309aa153576a
075801206d59ebf610599be8fff22b09a40f5fc6
c0e9a42d3be57432ce1dc2a4c75856cef9b333fe66cb0089c19dde771f782ee8
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik96U3BUUTlQazNmNjhWaDRVcngwd0E9PSIsInZhbHVlIjoieHRwQ1JsVmFLb0FWRG1xblR0ZCs5bXVpWTJqMGdvUjNyNDZWRC84cDhTNkduK1ZKT3JOVnlaNTNHYVRYbEQ0Y2xDci96Vk5qZTR5a2RxUjlXdGtCWDdUWGNHcjJZdmp3UmU2Y3dQYnREOE1Tc2JZamNUeEptdzhDd1NrZlVZL3oiLCJtYWMiOiJhN2Y2ZWFlMWY3OThiMjk1MGFiMWQyMjZjMDJkZDMyNTExZjBhZTliN2QyNDM4NjRiZjdkNDc1MWY5MzRmNDhlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkQvakNFK3hMYVFiRkJya2JRdkp5N2c9PSIsInZhbHVlIjoiYTBNT1NsM1dobFpRcXRHYndKMG4xc0orUWJOOXo5WVJFcGV6TFZoOERRS2ppZzlpTm1xTit2c08yMlk1Q2tPRWJyMXZCZjRTWkI3bVhuU2ZDcW85YzdVM2xkbTNPMkpPd2xXaFdEYUV0b0pxeXZiQ3UyajBuOGMzUE9aVFlYVzUiLCJtYWMiOiI1ODA4YjAyOTk4NDY5MWJiZTliYjM1MzQyNTJhYTkzNzU2ZjE5NzMzYmViNTkyMmQxMTQ4ZGI3NThjMzgzNjBiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Fri, 30 Dec 2022 19:34:34 GMT
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
delivery.imaginedbyjess.co/images/favicon.gif
192.232.249.125 200 OK 2.2 kB URL HTTP/2 delivery.imaginedbyjess.co/images/favicon.gif
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Hash a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
openphish DHL Airways, Inc.
GET /images/favicon.gif HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/public/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA
Cookie: XSRF-TOKEN=eyJpdiI6Ik96U3BUUTlQazNmNjhWaDRVcngwd0E9PSIsInZhbHVlIjoieHRwQ1JsVmFLb0FWRG1xblR0ZCs5bXVpWTJqMGdvUjNyNDZWRC84cDhTNkduK1ZKT3JOVnlaNTNHYVRYbEQ0Y2xDci96Vk5qZTR5a2RxUjlXdGtCWDdUWGNHcjJZdmp3UmU2Y3dQYnREOE1Tc2JZamNUeEptdzhDd1NrZlVZL3oiLCJtYWMiOiJhN2Y2ZWFlMWY3OThiMjk1MGFiMWQyMjZjMDJkZDMyNTExZjBhZTliN2QyNDM4NjRiZjdkNDc1MWY5MzRmNDhlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkQvakNFK3hMYVFiRkJya2JRdkp5N2c9PSIsInZhbHVlIjoiYTBNT1NsM1dobFpRcXRHYndKMG4xc0orUWJOOXo5WVJFcGV6TFZoOERRS2ppZzlpTm1xTit2c08yMlk1Q2tPRWJyMXZCZjRTWkI3bVhuU2ZDcW85YzdVM2xkbTNPMkpPd2xXaFdEYUV0b0pxeXZiQ3UyajBuOGMzUE9aVFlYVzUiLCJtYWMiOiI1ODA4YjAyOTk4NDY5MWJiZTliYjM1MzQyNTJhYTkzNzU2ZjE5NzMzYmViNTkyMmQxMTQ4ZGI3NThjMzgzNjBiIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-e623358f-560b-45e8-b35c-8c2c0ee8db8a%22%2C%22lastActivity%22:1672428869656}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1672428869656}; _lr_uf_-mnnzup=50691500-3d21-4da5-bb59-a54f0283c8b3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 17 Apr 2022 14:25:28 GMT
accept-ranges: bytes
content-length: 2238
content-type: image/gif
date: Fri, 30 Dec 2022 19:34:36 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 572be29e048245f53b6f0a77e04b5000
c227c598bfe947a2125fbb1e207b6eca3c73e540
bc79e72986819574c3292c10d92b84a3c5a326e9847e476a81d5b09e88cb9988
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 19:34:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 01:28:50 GMT
Expires: Wed, 04 Jan 2023 01:28:49 GMT
Etag: "c227c598bfe947a2125fbb1e207b6eca3c73e540"
Cache-Control: max-age=602942,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 842
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 781d36bb9e31b518-OSL
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
108.156.22.13 200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 108.156.22.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d8b0b3928e53502c6ce822abc3cc3d70.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: RLX2OGz5lJ-paRaPMiI3I6a4a87UL4j5HMEvF2xcYwazVO8RwfMSXQ==
age: 3219870
X-Firefox-Spdy: h2
ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
52.20.101.227 101 Switching Protocols 0 B URL HTTP/1.1 ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
IP 52.20.101.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://delivery.imaginedbyjess.co
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hN6Ieoyislxv10LC0KoOig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 30 Dec 2022 19:34:36 GMT
Connection: upgrade
Server: nginx/1.17.7
Upgrade: websocket
Sec-WebSocket-Accept: K8Qc676gSZUQ4FzL4Zy8BStUJqw=
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash a6edf252ea8932fbbdd833f390756168
acd0002cc3d4aef44d26f38eff91966f1477115b
ae2f4fd99c9eb758907f006a2748b7b87fa98db5af866b1b60137a8128e7dfa0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163701
Date: Fri, 30 Dec 2022 19:34:36 GMT
Etag: "63af02df-1d7"
Expires: Sun, 01 Jan 2023 17:02:57 GMT
Last-Modified: Fri, 30 Dec 2022 15:25:19 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Sa3oKBaZ8sIM1_uqgQjmmh5trriumC6bG6fwQccsHy19fX6cUQAAxA==
Age: 5858
delivery.imaginedbyjess.co/public/css/app.css
192.232.249.125 200 OK 0 B URL HTTP/2 delivery.imaginedbyjess.co/public/css/app.css
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /public/css/app.css HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/public/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA
Cookie: XSRF-TOKEN=eyJpdiI6Ik96U3BUUTlQazNmNjhWaDRVcngwd0E9PSIsInZhbHVlIjoieHRwQ1JsVmFLb0FWRG1xblR0ZCs5bXVpWTJqMGdvUjNyNDZWRC84cDhTNkduK1ZKT3JOVnlaNTNHYVRYbEQ0Y2xDci96Vk5qZTR5a2RxUjlXdGtCWDdUWGNHcjJZdmp3UmU2Y3dQYnREOE1Tc2JZamNUeEptdzhDd1NrZlVZL3oiLCJtYWMiOiJhN2Y2ZWFlMWY3OThiMjk1MGFiMWQyMjZjMDJkZDMyNTExZjBhZTliN2QyNDM4NjRiZjdkNDc1MWY5MzRmNDhlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkQvakNFK3hMYVFiRkJya2JRdkp5N2c9PSIsInZhbHVlIjoiYTBNT1NsM1dobFpRcXRHYndKMG4xc0orUWJOOXo5WVJFcGV6TFZoOERRS2ppZzlpTm1xTit2c08yMlk1Q2tPRWJyMXZCZjRTWkI3bVhuU2ZDcW85YzdVM2xkbTNPMkpPd2xXaFdEYUV0b0pxeXZiQ3UyajBuOGMzUE9aVFlYVzUiLCJtYWMiOiI1ODA4YjAyOTk4NDY5MWJiZTliYjM1MzQyNTJhYTkzNzU2ZjE5NzMzYmViNTkyMmQxMTQ4ZGI3NThjMzgzNjBiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Mar 2022 21:11:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 30 Dec 2022 19:34:33 GMT
server: Apache
X-Firefox-Spdy: h2
killbot.org/api/v2/whois?apikey=nkpxOyqRbNvRrCP1U6t7mGpuj1FZ2ZlXPs90mCqDGx4wo
104.21.11.160 200 OK 0 B URL HTTP/2 killbot.org/api/v2/whois?apikey=nkpxOyqRbNvRrCP1U6t7mGpuj1FZ2ZlXPs90mCqDGx4wo
IP 104.21.11.160:0
GET /api/v2/whois?apikey=nkpxOyqRbNvRrCP1U6t7mGpuj1FZ2ZlXPs90mCqDGx4wo HTTP/1.1
Host: killbot.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delivery.imaginedbyjess.co/
Origin: https://delivery.imaginedbyjess.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 19:34:34 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-max-age: 86400
bug-bounty: Report to live chat :)
set-cookie: _killbot=78qc1lnevtegm5ln1qagt6pa63grbuv7; expires=Fri, 30-Dec-2022 21:34:34 GMT; Max-Age=7200; path=/; SameSite=Lax; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, GET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5A0Eq2j%2F2l5MvcHVNw1VQRQalNCcjzyzrnalbQy5jslwujt7E9CJTBdx2f%2Fz46Yiovb4Q9QFItiHIynkgCDL8edCyABKMZ8x4DAkviqGxqKYWv98Zl1uqwmJnZjGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 781d36aa1d0bb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215
172.64.169.22 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215
IP 172.64.169.22:0
GET /releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delivery.imaginedbyjess.co/
Origin: https://delivery.imaginedbyjess.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 19:34:33 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
etag: W/"15e2713dff942747406520edde3fd0bf"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 7f9417d4ec6b908629759ca97df0642c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: 8sEkGBJZX3qTGXX2nMWzrTl5mhkEd00z3q5ILZQbuHOnD6UAZpIbxw==
age: 2567290
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nphi8WPsJ6gAPY2ayTOMXzM2Pqp6WxCizx3USyFjG1765Dc4jVegy1cTA8LhC6JKNZVqT8Dht5kBRuaIsZkcqyHGHr9VWTYXAXYl%2FYwgF2vgFNklw2MoTg966iHpg9UMCSh1n3U6BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 781d36aa6c6673f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2895475/visit-data?sv=6
54.229.197.150 200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2895475/visit-data?sv=6
IP 54.229.197.150:0
POST /api/v2/client/sites/2895475/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 129
Origin: https://delivery.imaginedbyjess.co
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 19:34:36 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
delivery.imaginedbyjess.co/public/js/session-recorder.js
192.232.249.125 200 OK 0 B URL HTTP/2 delivery.imaginedbyjess.co/public/js/session-recorder.js
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public/js/session-recorder.js HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/public/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA
Cookie: XSRF-TOKEN=eyJpdiI6Ik96U3BUUTlQazNmNjhWaDRVcngwd0E9PSIsInZhbHVlIjoieHRwQ1JsVmFLb0FWRG1xblR0ZCs5bXVpWTJqMGdvUjNyNDZWRC84cDhTNkduK1ZKT3JOVnlaNTNHYVRYbEQ0Y2xDci96Vk5qZTR5a2RxUjlXdGtCWDdUWGNHcjJZdmp3UmU2Y3dQYnREOE1Tc2JZamNUeEptdzhDd1NrZlVZL3oiLCJtYWMiOiJhN2Y2ZWFlMWY3OThiMjk1MGFiMWQyMjZjMDJkZDMyNTExZjBhZTliN2QyNDM4NjRiZjdkNDc1MWY5MzRmNDhlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkQvakNFK3hMYVFiRkJya2JRdkp5N2c9PSIsInZhbHVlIjoiYTBNT1NsM1dobFpRcXRHYndKMG4xc0orUWJOOXo5WVJFcGV6TFZoOERRS2ppZzlpTm1xTit2c08yMlk1Q2tPRWJyMXZCZjRTWkI3bVhuU2ZDcW85YzdVM2xkbTNPMkpPd2xXaFdEYUV0b0pxeXZiQ3UyajBuOGMzUE9aVFlYVzUiLCJtYWMiOiI1ODA4YjAyOTk4NDY5MWJiZTliYjM1MzQyNTJhYTkzNzU2ZjE5NzMzYmViNTkyMmQxMTQ4ZGI3NThjMzgzNjBiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Mar 2022 20:35:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 30 Dec 2022 19:34:33 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.lr-in.com/logger-1.min.js
104.21.234.144 200 OK 0 B URL HTTP/2 cdn.lr-in.com/logger-1.min.js
IP 104.21.234.144:0
GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 19:34:33 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"ff6438f5ef4cd0a201077209186a20a8881ebd85e88cfcfe92d16fd7c757c9fc"
last-modified: Thu, 29 Dec 2022 19:53:12 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-hhn-etou8220070-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1672343705.010930,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 44
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWovX9XI2kUjEe2ceVg0Ne8RY9tSwoVC4Tt8ddQv3ciJwBtUNgxAq3%2B60wSCS%2B7klp8vxquxW%2Bqav%2BYIjB%2BJBexpbrsEoaeBIGf3vF272GHKrPWuLxh9wSKG7wDk5pbZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 781d36a8cf14f3e3-LHR
content-encoding: br
X-Firefox-Spdy: h2
delivery.imaginedbyjess.co/public/js/app.js
192.232.249.125 200 OK 0 B URL HTTP/2 delivery.imaginedbyjess.co/public/js/app.js
IP 192.232.249.125:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public/js/app.js HTTP/1.1
Host: delivery.imaginedbyjess.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.imaginedbyjess.co/public/8V4ZuHqnyfsXgtnWPn5WSV4LAkABvACA
Cookie: XSRF-TOKEN=eyJpdiI6Ik96U3BUUTlQazNmNjhWaDRVcngwd0E9PSIsInZhbHVlIjoieHRwQ1JsVmFLb0FWRG1xblR0ZCs5bXVpWTJqMGdvUjNyNDZWRC84cDhTNkduK1ZKT3JOVnlaNTNHYVRYbEQ0Y2xDci96Vk5qZTR5a2RxUjlXdGtCWDdUWGNHcjJZdmp3UmU2Y3dQYnREOE1Tc2JZamNUeEptdzhDd1NrZlVZL3oiLCJtYWMiOiJhN2Y2ZWFlMWY3OThiMjk1MGFiMWQyMjZjMDJkZDMyNTExZjBhZTliN2QyNDM4NjRiZjdkNDc1MWY5MzRmNDhlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkQvakNFK3hMYVFiRkJya2JRdkp5N2c9PSIsInZhbHVlIjoiYTBNT1NsM1dobFpRcXRHYndKMG4xc0orUWJOOXo5WVJFcGV6TFZoOERRS2ppZzlpTm1xTit2c08yMlk1Q2tPRWJyMXZCZjRTWkI3bVhuU2ZDcW85YzdVM2xkbTNPMkpPd2xXaFdEYUV0b0pxeXZiQ3UyajBuOGMzUE9aVFlYVzUiLCJtYWMiOiI1ODA4YjAyOTk4NDY5MWJiZTliYjM1MzQyNTJhYTkzNzU2ZjE5NzMzYmViNTkyMmQxMTQ4ZGI3NThjMzgzNjBiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Mar 2022 20:35:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 30 Dec 2022 19:34:33 GMT
server: Apache
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215
172.64.169.22 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215
IP 172.64.169.22:0
GET /releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delivery.imaginedbyjess.co/
Origin: https://delivery.imaginedbyjess.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 19:34:33 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
etag: W/"075b2106ba08d32bc88fff3724503b1e"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4a0cc459ba06aacf2a1f9058da1dd0e6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: b9MkUA6CNUTJJV30Ca-2kog040w_RqmjeLv6cr_LJ2Cj5QbFxHFcog==
age: 2567290
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKlOz8MQ0ClLVOIcQSvYSRIbTvWOJ4x4Cmkc6epawTA4oUoa2o%2Fc7UVfywvb57OlGYoCf%2BHYL%2BHaazMf3AVOPB3svc7fuL0q9RdvchjnRGPMy%2FZlN2LAb8pBoRPvFqrd8kJReeWKJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 781d36aa5c5373f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2