Overview

URL: serves.dhlserveslivellc.com/
IP: 67.195.197.24 (United States)
ASN: #26101 YAHOO-BF1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer: (none)
Report completed: 2022-12-06 13:07:54 UTC
IDS alerts: 0
Blocklist alerts: 28
urlquery alerts: 18 (Phishing - DHL)
Tags: None

Domain Summary (9)

Fully Qualifying Domain Name Rank First Seen Last Seen Sent bytes Received bytes IP Comment
serves.dhlserveslivellc.com (19) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 6764 1939280 67.195.197.24
img-getpocket.cdn.mozilla.net (6) 1631 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3246 61405 34.120.237.76
r3.o.lencr.org (7) 344 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2366 6202 23.36.77.32
ocsp.digicert.com (2) 86 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 682 1594 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 413 5844 34.160.144.191
kit-free.fontawesome.com (1) 22974 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 426 861 104.21.54.58
firefox.settings.services.mozilla.com (2) 867 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 782 2374 34.102.187.140
contile.services.mozilla.com (1) 1114 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 333 229 34.117.237.239
push.services.mozilla.com (1) 2140 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 606 127 52.42.148.177

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-12-05 medium serves.dhlserveslivellc.com/ DHL Airways, Inc. (18 identical entries)

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-06 medium serves.dhlserveslivellc.com/ Malware
2022-12-06 medium serves.dhlserveslivellc.com/js/fa.js Malware
2022-12-06 medium serves.dhlserveslivellc.com/js/jquery.steps.js Malware
2022-12-06 medium serves.dhlserveslivellc.com/images/img.svg Malware
2022-12-06 medium serves.dhlserveslivellc.com/js/jquery-3.3.1.min.js Malware
2022-12-06 medium serves.dhlserveslivellc.com/js/jquery-ui.min.js Malware
2022-12-06 medium serves.dhlserveslivellc.com/fonts/Roboto/Roboto-Medium.ttf Malware
2022-12-06 medium serves.dhlserveslivellc.com/fonts/Roboto/Roboto-Bold.ttf Malware
2022-12-06 medium serves.dhlserveslivellc.com/fonts/Roboto/Roboto-Regular.ttf Malware
2022-12-06 medium serves.dhlserveslivellc.com/fonts/Roboto/Roboto-Black.ttf Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 67.195.197.24
Date UQ / IDS / BL URL IP
2023-04-26 05:12:30 UTC 0 - 0 - 5 ssl-secureteamworkspace-outbound.com/ 67.195.197.24
2023-04-06 16:51:06 UTC 0 - 2 - 0 www.studiovisit.biz/ 67.195.197.24
2023-03-24 18:03:49 UTC 0 - 1 - 0 reelfoodfestival.com/ 67.195.197.24
2023-03-13 17:20:29 UTC 0 - 1 - 0 www.theflowerpail.com/ 67.195.197.24
2023-03-07 06:01:53 UTC 0 - 0 - 2 ssl-secureteamworkspace-outbound.com/ 67.195.197.24


Last 5 reports on ASN: YAHOO-BF1
Date UQ / IDS / BL URL IP
2023-05-31 07:38:13 UTC 0 - 3 - 0 www.geocities.com/sblsji1/IN12WHOXVDQJD.txt 74.6.136.150
2023-05-27 20:09:50 UTC 0 - 0 - 0 http://wwwl.kensnow210@yahoo.com 74.6.143.25
2023-05-16 07:00:33 UTC 0 - 0 - 0 kensnow210@yahoo.com 74.6.143.25
2023-05-11 02:14:10 UTC 0 - 0 - 0 danianoelia_castrosuazo@yahoo.es 74.6.136.150
2023-04-26 05:12:30 UTC 0 - 0 - 5 ssl-secureteamworkspace-outbound.com/ 67.195.197.24


Last 2 reports on domain: dhlserveslivellc.com
Date UQ / IDS / BL URL IP
2022-12-06 13:07:54 UTC 18 - 0 - 28 serves.dhlserveslivellc.com/ 67.195.197.24
2022-12-06 10:21:12 UTC 16 - 0 - 24 serves.dhlserveslivellc.com/ 67.195.197.24


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-03 11:58:17 UTC 17 - 0 - 11 www.oasistiles.in/mails/static/img/dhl/dhl/ 119.18.54.27
2023-02-02 20:42:53 UTC 16 - 0 - 10 www.oasistiles.in/mails/static/img/dhl/dhl/ 119.18.54.27
2023-01-30 14:52:50 UTC 0 - 0 - 28 colis-dhl.com/ 193.29.104.5
2023-01-30 14:52:31 UTC 0 - 0 - 22 colis-dhl.com/4944d3896e9a4b411bb6bb8836627b7c 193.29.104.5
2023-01-30 14:52:10 UTC 0 - 0 - 28 colis-dhl.com/924e66b74a3b32d95e73bb676cc35ecd 193.29.104.5

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (40)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2498
Expires: Tue, 06 Dec 2022 13:49:21 GMT
Date: Tue, 06 Dec 2022 13:07:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 2144
Cache-Control: max-age=165559
Date: Tue, 06 Dec 2022 13:07:43 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:07:02 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2592
Expires: Tue, 06 Dec 2022 13:50:55 GMT
Date: Tue, 06 Dec 2022 13:07:43 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 12:20:24 GMT
cache-control: public,max-age=3600
age: 2839
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                            
x-amz-id-2: yHzGrjaa8VjZR9O/BrODlsDiHo6Lw+tQPEg0shYNGTyGjg2ythjI/BxwG7kSL3k6bmzDLIVcqj8=
x-amz-request-id: 5ZHKRE6VXJ56YWM9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 12:47:06 GMT
age: 1237
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                            
server: nginx
date: Tue, 06 Dec 2022 13:07:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 12:08:58 GMT
cache-control: public,max-age=3600
age: 3525
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 2129
Cache-Control: max-age=160476
Date: Tue, 06 Dec 2022 13:07:43 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:42:19 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SVZCUIpqAqoj2WEsgOFFsA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        
                                             52.42.148.177
HTTP/1.1 101 Switching Protocols
                                            
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3WxulKzEWTOGWrYWuVCB+MSv/V0=

                                        
                                            GET / HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                            
Date: Tue, 06 Dec 2022 13:07:42 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Cache-Control: private
Age: 4
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   16529
Md5:    77a528574aee9285f031a220fdde4d96
Sha1:   ccdb76ca121e2edb6ba69f67a06b1d68c2de564c
Sha256: 89de13be738da3349478a740a5d864709b44c85f3d51c119daee8d726b542cbf

Blocklists:
  - openphish: DHL Airways, Inc.
  - fortinet: Malware
                                        
                                            GET /css/roboto-font.css HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: text/css
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 246
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  ASCII text
Size:   246
Md5:    a8c54b1d907c15f1a6a9fcd2a110ac48
Sha1:   67eec8b437f97baab49718fdcc58fe1762dfdb60
Sha256: 3db88c5b3f7cca116666523f39deb3f010eb482b5f0b1355bae7e6ed87aef60c

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
                                        
                                            GET /fonts/material-design-iconic-font/css/material-design-iconic-font.min.css HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: text/css
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8004
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   8004
Md5:    8e52d20cf4fddc255d601b84eb80ff21
Sha1:   bfee70e6b9023a19bdc803e525759d1baca76e3d
Sha256: 64e48e86e8ca9bb84b40fe9dddaec3c3f131552445fc9d9d5593a6174f9b8269

Blocklists:
  - openphish: DHL Airways, Inc.
                                        
                                            GET /js/fa.js HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: application/javascript
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2092
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  ASCII text, with very long lines (5479)
Size:   2092
Md5:    0822ea750affddf08220384a6b56ab61
Sha1:   b770d40cb9bb42d2d62c19c33752b9065824662b
Sha256: 90fb3b66cfd16764fd4a5eda42e4290bee645517e6ebd7b4dbc9dbee01514e63

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
  - fortinet: Malware
                                        
                                            GET /css/style.css HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: text/css
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2693
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2693
Md5:    503d49c7558a766a38d7a062a5ac3b89
Sha1:   a600eef3a704ad71f57fe5adfdac7d9dccf9b4bc
Sha256: 6fa1dc1b150ccd4fbd431b7a80aa510ca4bd62483447345da028765fbbf0b40b

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
                                        
                                            GET /css/jquery-ui.min.css HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: text/css
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7604
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  ASCII text, with very long lines (29135)
Size:   7604
Md5:    41ae81947849b538eaf3bf88dae31a2b
Sha1:   e99988f01e42d488cf529939ba25a0977014745c
Sha256: f11647bd717bf277cbead3c981ba2c90aa67fb9a751e03ab27c1080da800c5ac

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
                                        
                                            GET /js/jquery.steps.js HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: application/javascript
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10689
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   10689
Md5:    a32a3953e47065f001b8b736a48bc9d2
Sha1:   6029e07f4d38cd9b4ac3bb8f9e815775329259a9
Sha256: e342e076f3b1dc0fdaf831f84f28561215ee034a558676994618c882f3642967

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
  - fortinet: Malware
                                        
                                            GET /images/wizard_v3_icon_1.png HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: image/png
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Content-Length: 4633
Cache-Control: max-age=864000
Expires: Fri, 16 Dec 2022 13:07:44 GMT
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  PNG image data, 150 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size:   4633
Md5:    9be5e19e6f7538afce632d82b855dd24
Sha1:   12dec760d83e8db9c2073d46512c1b76b7a4edc2
Sha256: 5abaa5a71c4481349f88fb44e395b25d99a953329d0d5fbb11880312f4752fec

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
                                        
                                            GET /images/img.svg HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 722
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   722
Md5:    75e6a3a06ceab9d5d544db411b461773
Sha1:   6133136f4082d6e1286023a7a28e32fe69d0ad40
Sha256: 60f60db64661c2ec17815671734b616bab2fe1befacad5482953f3e7dc13961a

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
  - fortinet: Malware
                                        
                                            GET /images/wizard_v4_icon.png HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/css/style.css

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: image/png
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Content-Length: 1131
Cache-Control: max-age=864000
Expires: Fri, 16 Dec 2022 13:07:44 GMT
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size:   1131
Md5:    d3aab532241c4ae850bf45efa0047073
Sha1:   cfb509e3a77c0f8ab1a8083b7cd9754ac8b1a06e
Sha256: 4927e407f1f4b81dbc5d6269117fafdda60011698398015591dd10f33b779ffc

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
                                        
                                            GET /js/jquery-3.3.1.min.js HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: application/javascript
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30313
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  ASCII text, with very long lines (65450), with CRLF line terminators
Size:   30313
Md5:    ce93c33b71763f3e28eb7143970bc99f
Sha1:   55be0c55a057d50145b5f98c1f052f037f4f8121
Sha256: 67de797f8fc77b76b35acde3b604f60aa8d768f1bf226eb20ed13db08cdbcb10

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
  - fortinet: Malware
                                        
                                            GET /fonts/material-design-iconic-font/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/fonts/material-design-iconic-font/css/material-design-iconic-font.min.css

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Content-Length: 38384
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Size:   38384
Md5:    a4d31128b633bc0b1cc1f18a34fb3851
Sha1:   6ee4c79372c3fd679706306ede47e4b03cf53d60
Sha256: e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

urlquery:
  - Phishing - DHL
                                        
                                            GET /js/jquery-ui.min.js HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: application/javascript
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  ASCII text, with very long lines (33326)
Size:   67747
Md5:    578f4306c216f42e85edab2fd92f6055
Sha1:   95769c57a5dc609079289962d7a1246c0e69f159
Sha256: cd059bd301db04a93223aa6acf47625a7e02857004e0b2a6b234f84429ee8c0f

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
  - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6871
Expires: Tue, 06 Dec 2022 15:02:16 GMT
Date: Tue, 06 Dec 2022 13:07:45 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 53122
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11352
Md5:    7f2c354a00ab51d4a41221b6bf191c10
Sha1:   01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
Sha256: 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 3968
x-amzn-requestid: 55111bc4-d002-44a0-855a-533251b144fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSveGo_IAMFQvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c9-28e0a83d7f9f1ffc7544bb3d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hTx-BIZT_THNG5yNlQDL6LCM5lBs8ezZK8-5FMFiarpRfhmBu6pbTQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:45:51 GMT
age: 55314
etag: "1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3968
Md5:    9838b65dde746487c806ee9739f8b222
Sha1:   1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8
Sha256: cf3ddc240b33d0f588d5acb30593b6846874a192bff9f5b69455877d7f63be53
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 53076
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bywOU4HpwW6ebOdbHiI_ctX46Z-LXrUcRIVacGUtf_tyISXlXjOP4g==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:51:33 GMT
age: 54972
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8660
Md5:    fddffc8edfa3ca668c8ac740d34f46c5
Sha1:   63483fc211cfb2808c7f37940a4065b4f4177c59
Sha256: 3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jqWuNfsDgPOsqxlX2HGJdhXm9GnGC-TBafSbSCrztICFgEwcyqc_iA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:22 GMT
age: 53123
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11175
Md5:    38b97436af942d5eb1111ca7043259a0
Sha1:   0234fe32c84c4711f0619714f3ac6d3db1b717d3
Sha256: a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zTGiKMan3uG3edx5AsFabNE4eG_dmzrIIOFCWcOxYN0UgSCGTNTtxw==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:25 GMT
age: 53120
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8656
Md5:    30d72693680b3ac91c0eee4d47a26196
Sha1:   cd923a5a3810bfe86be2eca4b97c739d76756d93
Sha256: 69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e
                                        
                                            GET /fonts/Roboto/Roboto-Medium.ttf HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/css/roboto-font.css

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: application/x-font-ttf
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Content-Length: 172064
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med\012- data
Size:   172064
Md5:    d08840599e05db7345652d3d417574a9
Sha1:   5f16f4d6dbb4a4f12d8ae96488ac209bb49762a5
Sha256: f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
  - fortinet: Malware
                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                            
Date: Tue, 06 Dec 2022 13:07:45 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Content-Length: 1150
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    d8106bf3a1d00ab43b01e6e3c92500eb
Sha1:   202b5e8654ab1b28351378293bca3b9d844cc29b
Sha256: 9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
                                        
                                            GET /fonts/Roboto/Roboto-Bold.ttf HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/css/roboto-font.css

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: application/x-font-ttf
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Content-Length: 170760
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo\012- data
Size:   170760
Md5:    ee7b96fa85d8fdb8c126409326ac2d2b
Sha1:   0ce37ced9c5fcac9bdc452a432c1258870ba4677
Sha256: 7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
  - fortinet: Malware
                                        
                                            GET /fonts/Roboto/Roboto-Regular.ttf HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/css/roboto-font.css

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: application/x-font-ttf
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Content-Length: 171676
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob\012- data
Size:   171676
Md5:    3e1af3ef546b9e6ecef9f3ba197bf7d2
Sha1:   dd1b1db13ff1f72138c134c62f38fef83749f36a
Sha256: 79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
  - fortinet: Malware
                                        
                                            GET /fonts/Roboto/Roboto-Black.ttf HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/css/roboto-font.css

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: application/x-font-ttf
                                            
Date: Tue, 06 Dec 2022 13:07:45 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Content-Length: 171480
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto BlackRegularVersion 2.137; 2017Roboto-Blac\012- data
Size:   171480
Md5:    ec4c9962ba54eb91787aa93d361c10a8
Sha1:   c572416b9587c40d49ea60c7128f7f17b9317ad8
Sha256: 3872e9b39760a1b59ac1e192633dbb3b58e595b4d423930ac7ded525e9ae25e0

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
  - fortinet: Malware
                                        
                                            GET /images/bg.jpg HTTP/1.1 
Host: serves.dhlserveslivellc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/

                                        
                                             67.195.197.24
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                            
Date: Tue, 06 Dec 2022 13:07:44 GMT
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Wed, 06 May 2020 01:11:16 GMT
Accept-Ranges: bytes
Content-Length: 1052344
Cache-Control: max-age=864000
Expires: Fri, 16 Dec 2022 13:07:44 GMT
Age: 0
Connection: keep-alive
Server: ATS


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=9, description=Frankfurt/ Main, 31 October 2002 Deutsche Post World Net launches STAR - Group-wide value enhancement programme ## Frankfurt/, orientation=upper-left, xresolution=354, yresolution=362, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2008:06:26 16:37:43, copyright=Deutsche Post World Net], baseline, precision 8, 2880x2045, components 4\012- data
Size:   1052344
Md5:    5c2ac9314ae3c0259449424163081404
Sha1:   c879027f32270cfe72949d12f73f09de8ae87a5f
Sha256: 81295e3657ad03f98dafc8b01981859656dcf33a052bfe61183ad7072821acd8

urlquery:
  - Phishing - DHL
Blocklists:
  - openphish: DHL Airways, Inc.
                                        
                                            GET /releases/latest/css/free-v4-shims.min.css HTTP/1.1 
Host: kit-free.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://serves.dhlserveslivellc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             104.21.54.58
HTTP/2 200 OK
content-type: text/css
                                            
date: Tue, 06 Dec 2022 13:07:44 GMT
x-amz-id-2: yBVgXOI1p1cQzefoffXhziBF5Jgpek6e7OoszIxkICR473TwIFpWfHO7oW2w1nosT1t0IulOypU=
x-amz-request-id: 1JT537VQK7AMARG6
last-modified: Wed, 04 Aug 2021 21:22:51 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=1800
cf-cache-status: HIT
age: 946
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgZ1Yq9g5a%2FjstTdZlGfXp4T2196pUEI9T%2FmxVW%2BXcBA7yiRUUK2dT14CymAR6YJDSKQLG3jfAHXWGnTLp9RXCs9742ef93NUuGXVba6GJAZk%2FXzBK8eND9DCARTVQFHGpIOMteuMR8UL5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77553f0c5c17b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    
Sha1:   
Sha256: