www.dhl-delivery-payment.com/suivi.php
82.165.189.196 301 Moved Permanently 162 B URL HTTP/1.1 www.dhl-delivery-payment.com/suivi.php
IP 82.165.189.196:0
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash MD5 4f8e702cc244ec5d4de32740c0ecbd97
SHA-1 3adb1f02d5b6054de0046e367c1d687b6cdf7aff
SHA-256 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer  Verdict   Alert
urlquery  phishing  Phishing - DHL
fortinet  Phishing
GET /suivi.php HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 09:36:46 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.dhl-delivery-payment.com/suivi.php
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 cfec3d7283a9b66d2be426ce54d210f3
SHA-1 808c1feb1ba918951d1928c1f6bfc0c253262774
SHA-256 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10613
Expires: Mon, 05 Dec 2022 12:33:40 GMT
Date: Mon, 05 Dec 2022 09:36:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 fb2c0697c6d9a96a5411dd2952947458
SHA-1 79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
SHA-256 3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2106
Cache-Control: max-age=91776
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:36:47 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:06:23 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 1ea206ac3c440825741687351f8c6e4e
SHA-1 2f38dafd8c43dcce2411a0590bc5c02cd6286735
SHA-256 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4453
Expires: Mon, 05 Dec 2022 10:51:00 GMT
Date: Mon, 05 Dec 2022 09:36:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash MD5 14cd9a0afb6ba9a763651d5112760d1e
SHA-1 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
SHA-256 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 09:20:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 992
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash MD5 9ebddc2b260d081ebbefee47c037cb28
SHA-1 492bad62a7ca6a74738921ef5ae6f0be5edebf39
SHA-256 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HuBGPozazzba6uTp/QtP3dv9UCEhAVD4wAVjIytaJapBEUmtZOO5qAXrp4lA5fT1QSgJJi45Mzo=
x-amz-request-id: 9ASTE0YSV0D41ZEP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 08:47:54 GMT
age: 2933
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 38108d4181b2af174c945650ade15c8a
SHA-1 03eee90d55f463a993c98af120a1b0a45163605e
SHA-256 581b19acfcd2811e6d56e928b854fe0f6a90b9223f67ba7519c0c295abaf6abf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "581B19ACFCD2811E6D56E928B854FE0F6A90B9223F67BA7519C0C295ABAF6ABF"
Last-Modified: Mon, 05 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Mon, 05 Dec 2022 15:36:18 GMT
Date: Mon, 05 Dec 2022 09:36:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 09:08:58 GMT
cache-control: public,max-age=3600
age: 1669
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 31b129c94a90b1e695b21395cb54e378
SHA-1 a3cae46b48d469cc61ab0581303bcd5f5b654db9
SHA-256 fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2087
Cache-Control: max-age=86691
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:36:47 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:41:38 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash MD5 1245db08bc06bdc452fdb41b8e959f26
SHA-1 ba2fa041fbea0e124b6fd418724a46225fac0089
SHA-256 d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4577
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:36:48 GMT
Last-Modified: Mon, 05 Dec 2022 08:20:31 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
104.17.24.14 200 OK 19 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65317)
Hash MD5 95d49e491b46f526854d624e40d8af76
SHA-1 5b145ab428cc484ecead4666e01cca7ce6b4dff4
SHA-256 f897fc168379623a0e92c3bb80ff02bc4742ccb555fb094e87dc9b60697a481c
GET /ajax/libs/font-awesome/6.2.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dhl-delivery-payment.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: text/css; charset=utf-8
content-length: 18688
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-4900"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1617005
expires: Sat, 25 Nov 2023 09:36:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBOX4WKw97ww%2BmAIQCa92odRuhvZvjlMyOgL0xNwM9Woyq5bBzf9WRWpEchzXWDvlH7lAXtL9fcXiDYTyiftluqG6slZ9aU8JJskj3fpD7hWqCEuTPiKqD1YFn1hAnoXeo%2ByFC0P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774bccac6baeb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css
151.101.129.229 200 OK 28 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css
IP 151.101.129.229:0
File type Unicode text, UTF-8 text, with very long lines (65305)
Hash MD5 9e809125b4f45a82ba699c490010ba2f
SHA-1 2a6060f1c5f6874b918a7838222e6c328fd7583f
SHA-256 b79929834ca653c9dcf7fa61428db7d5e4a2a8e119f304c447bb2218f9087b6a
GET /npm/bootstrap@5.2.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dhl-delivery-payment.com
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.2
x-jsd-version-type: version
etag: W/"2f955-er7QcON84GDApWFXXx1Bp/JI/HQ"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 05 Dec 2022 09:36:48 GMT
age: 5449236
x-served-by: cache-fra19155-FRA, cache-bma1682-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27506
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash MD5 1245db08bc06bdc452fdb41b8e959f26
SHA-1 ba2fa041fbea0e124b6fd418724a46225fac0089
SHA-256 d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4577
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:36:48 GMT
Last-Modified: Mon, 05 Dec 2022 08:20:31 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash MD5 4f0634c18b3be5ad56a0b9cbe0a77159
SHA-1 b125d8108bc4da03632e880a946e0d98276409fc
SHA-256 4ef327eec819f7ff461426c11fa74d9fa6940ab8732fff86462d14dd5249f899
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 09:36:48 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0F76D95747E267423C858B1DBA6FAE9C64FE0032"
Expires: Mon, 05 Dec 2022 20:00:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2325
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774bccacacbd0b39-OSL
www.dhl-delivery-payment.com/suivi.php
82.165.189.196 200 OK 85 kB URL HTTP/2 www.dhl-delivery-payment.com/suivi.php
IP 82.165.189.196:0
File type HTML document text; exported SGML document, ASCII text, with very long lines (33563)
Hash MD5 ac18726cde7d628816500585abb80286
SHA-1 14db00d8eaa4df9bd2c4e9adb5d763d838b2342a
SHA-256 6d15920d522d0ede76b150af41348f1c2bd65afce8c8e05ea9d36a59fa22cd71
Analyzer  Verdict   Alert
fortinet  Phishing
GET /suivi.php HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:47 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.26, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/assets/fonts/default-815fcbb4d2c579017011.woff
82.165.189.196 200 OK 41 kB URL HTTP/2 www.dhl-delivery-payment.com/assets/fonts/default-815fcbb4d2c579017011.woff
IP 82.165.189.196:0
File type Web Open Font Format, TrueType, length 41328, version 1.66; data
Hash MD5 e39bd2e2657ce5dd6f9c33df18529233
SHA-1 6db81ebb91bfa67cef8f2f870f03046150568799
SHA-256 19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383
Analyzer  Verdict   Alert
urlquery  phishing  Phishing - DHL
fortinet  Phishing
GET /assets/fonts/default-815fcbb4d2c579017011.woff HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/font-woff
content-length: 41328
last-modified: Sun, 04 Dec 2022 20:34:33 GMT
etag: "638d0459-a170"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/assets/fonts/default-5a6dd86f272b304a8b83.woff
82.165.189.196 200 OK 41 kB URL HTTP/2 www.dhl-delivery-payment.com/assets/fonts/default-5a6dd86f272b304a8b83.woff
IP 82.165.189.196:0
File type Web Open Font Format, TrueType, length 41352, version 1.66; data
Hash MD5 4e23ecf085132857bdb54b4da7373151
SHA-1 a50215c22a591536b21e509100d1707c6886ffd6
SHA-256 b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4
Analyzer  Verdict   Alert
urlquery  phishing  Phishing - DHL
fortinet  Phishing
GET /assets/fonts/default-5a6dd86f272b304a8b83.woff HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/font-woff
content-length: 41352
last-modified: Sun, 04 Dec 2022 20:34:32 GMT
etag: "638d0458-a188"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/dhl-logo.svg
82.165.189.196 200 OK 1.6 kB URL HTTP/2 www.dhl-delivery-payment.com/info_files/dhl-logo.svg
IP 82.165.189.196:0
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text
Hash MD5 3fecc9db35d5d2a9e6e71ab4b02d22e5
SHA-1 628ba2f505b480097445aaf08649a08242bd6847
SHA-256 362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
Analyzer  Verdict   Alert
urlquery  phishing  Phishing - DHL
fortinet  Phishing
GET /info_files/dhl-logo.svg HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: image/svg+xml
content-length: 1603
last-modified: Sun, 04 Dec 2022 20:34:39 GMT
etag: "638d045f-643"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/assets/img/colis.png
82.165.189.196 200 OK 3.1 kB URL HTTP/2 www.dhl-delivery-payment.com/assets/img/colis.png
IP 82.165.189.196:0
File type PNG image data, 102 x 101, 8-bit/color RGBA, non-interlaced; data
Hash MD5 8fdda0d85678421dfe58061ce3f10880
SHA-1 84d80a2244b270a86580fa336b84d14e9666c556
SHA-256 2a8ab786ed7b13aeaefd332c09836792ab6889ab9411cd3c959139f10b50b72b
Analyzer  Verdict   Alert
urlquery  phishing  Phishing - DHL
GET /assets/img/colis.png HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: image/png
content-length: 3084
last-modified: Sun, 04 Dec 2022 20:34:34 GMT
etag: "638d045a-c0c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/assets/img/mes.png
82.165.189.196 200 OK 30 kB URL HTTP/2 www.dhl-delivery-payment.com/assets/img/mes.png
IP 82.165.189.196:0
File type PNG image data, 378 x 245, 8-bit/color RGB, non-interlaced; data
Hash MD5 ab8faeae47e80c02f7813222b936102a
SHA-1 03df24cf07f21fd2a7ec53a6ac0eb56351924e70
SHA-256 2d041bb02b3e8ad4a50d2bc2d019ebad077396f814cf2175995cf881c328cca9
Analyzer  Verdict   Alert
urlquery  phishing  Phishing - DHL
GET /assets/img/mes.png HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: image/png
content-length: 30450
last-modified: Sun, 04 Dec 2022 20:34:34 GMT
etag: "638d045a-76f2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/linkedIn-new.svg
82.165.189.196 200 OK 1.6 kB URL HTTP/2 www.dhl-delivery-payment.com/info_files/linkedIn-new.svg
IP 82.165.189.196:0
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with very long lines (1204)
Hash MD5 43efff953a2a3baf6a2ef0528f55dc07
SHA-1 b510bc0512da7d96cdf29a0f1e343319095776de
SHA-256 c32f1a0f5b093b6b2c8f5df0bf93856359769ee6bbab40975043cd133711d528
Analyzer  Verdict   Alert
urlquery  phishing  Phishing - DHL
fortinet  Phishing
GET /info_files/linkedIn-new.svg HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: image/svg+xml
content-length: 1647
last-modified: Sun, 04 Dec 2022 20:34:43 GMT
etag: "638d0463-66f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/instagram-new.svg
82.165.189.196 200 OK 4.5 kB URL HTTP/2 www.dhl-delivery-payment.com/info_files/instagram-new.svg
IP 82.165.189.196:0
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with very long lines (4063)
Hash MD5 056511aeb5282ecaab9fbf10ed2273e5
SHA-1 fc29c2c37c4b4a31ad13e80356371e338aef5894
SHA-256 f01c2e1870fcd75ceca3b4c42c3110cb0aa4b933b562cf3d2c7ddd20ce03c7ee
Analyzer  Verdict   Alert
urlquery  phishing  Phishing - DHL
fortinet  Phishing
GET /info_files/instagram-new.svg HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: image/svg+xml
content-length: 4508
last-modified: Sun, 04 Dec 2022 20:34:41 GMT
etag: "638d0461-119c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/youtube-new.svg
82.165.189.196 200 OK 1.4 kB URL HTTP/2 www.dhl-delivery-payment.com/info_files/youtube-new.svg
IP 82.165.189.196:0
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with very long lines (971)
Hash MD5 376247a0b06e705c758fe04978ea9df5
SHA-1 90d50c682c2ea23a9d26926c6eb3d849b7b94661
SHA-256 acd3eaf2b608fb48f9915964c36772b322ad91106508c4490e2a72122db4d347
Analyzer  Verdict   Alert
urlquery  phishing  Phishing - DHL
fortinet  Phishing
GET /info_files/youtube-new.svg HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: image/svg+xml
content-length: 1412
last-modified: Sun, 04 Dec 2022 20:34:46 GMT
etag: "638d0466-584"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/facebook-new.svg
82.165.189.196 200 OK 1.4 kB URL HTTP/2 www.dhl-delivery-payment.com/info_files/facebook-new.svg
IP 82.165.189.196:0
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with very long lines (963)
Hash MD5 259d8928a7fd5329b3d7fd80eca2ea2f
SHA-1 a6337de5ff5761b39a319cd7ec3f8b10f201d066
SHA-256 43027752f5a04142e6518a4fd8ef54e7e73cfba7820da9c03c1ad38835f04fe2
Analyzer  Verdict   Alert
urlquery  phishing  Phishing - DHL
fortinet  Phishing
GET /info_files/facebook-new.svg HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: image/svg+xml
content-length: 1406
last-modified: Sun, 04 Dec 2022 20:34:39 GMT
etag: "638d045f-57e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/glo-footer-logo.svg
82.165.189.196 200 OK 12 kB URL HTTP/2 www.dhl-delivery-payment.com/info_files/glo-footer-logo.svg
IP 82.165.189.196:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (656)
Hash MD5 d1b0e043744fd642282117a03d308b17
SHA-1 d8abe7a0887b804e516c45a344c542e291a1a84b
SHA-256 5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038
Analyzer  Verdict   Alert
urlquery  phishing  Phishing - DHL
fortinet  Phishing
GET /info_files/glo-footer-logo.svg HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: image/svg+xml
content-length: 11968
last-modified: Sun, 04 Dec 2022 20:34:41 GMT
etag: "638d0461-2ec0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.86.38.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash (empty body) MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NlDMBUSYaysssCArROQMHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lZ53q4vUTAvTs5fbWtEP2qDGeTg=
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff
96.6.17.154 200 OK 35 kB URL HTTP/2 www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff
IP 96.6.17.154:0
File type Web Open Font Format, TrueType, length 34820, version 1.0; data
Hash MD5 cf794604b8ce6323c4bfd10ce945bcb7
SHA-1 2eb01fae4eef49893523be3f7833711b02f276c0
SHA-256 c2815799e9e0b8e0d894447ebcf02a8d5c274484f6fcf1a76103e06c71dbb2f5
GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dhl-delivery-payment.com
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
last-modified: Wed, 16 Nov 2022 13:48:07 GMT
etag: "8804-5ed96b8fbfad4-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 34679
content-type: application/font-woff
cache-control: public, max-age=1209600
expires: Mon, 19 Dec 2022 09:36:48 GMT
date: Mon, 05 Dec 2022 09:36:48 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff
96.6.17.154 200 OK 41 kB URL HTTP/2 www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff
IP 96.6.17.154:0
File type Web Open Font Format, TrueType, length 41084, version 1.66; data
Hash 8e28d7fd1b601b52178ab7d32e2406c6
e78d4edea79147e8d6d0b394cbce252b2265b0c3
e005fcd603bec58c87365399d7955dc97b2e22e4ef24d573d7b44ac7cb0f8683
GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dhl-delivery-payment.com
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
last-modified: Wed, 16 Nov 2022 13:48:07 GMT
etag: "a07c-5ed96b8fb992c-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 41052
content-type: application/font-woff
cache-control: public, max-age=1209600
expires: Mon, 19 Dec 2022 09:36:48 GMT
date: Mon, 05 Dec 2022 09:36:48 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
23.38.200.237 200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32768)
Hash e616df092766c7ab7904619f971a35cc
a960429c42802a43e3ce728fc4d1e8bdab10e606
082ae7647bfdb639846791e5c0ca39b96544dff3aed0c365973c9589cd5b091e
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12163
expires: Mon, 05 Dec 2022 10:36:48 GMT
date: Mon, 05 Dec 2022 09:36:48 GMT
cache-control: no-cache
access-control-allow-origin: https://www.dhl-delivery-payment.com
timing-allow-origin: *
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/launch-ENa2e710b79eef40758cbb936003b8b231.min.js
82.165.189.196 200 OK 120 kB URL HTTP/2 www.dhl-delivery-payment.com/info_files/launch-ENa2e710b79eef40758cbb936003b8b231.min.js
IP 82.165.189.196:0
File type ASCII text, with very long lines (32745)
Size 120 kB (119793 bytes)
Hash cc646ae3d74c0918252e26b3242a4ed8
d5cfa3259c4b0c88a8c946b90a4635553526269b
6e1611ff7c7d19606d0a0aff13549cf478375ec4bd0b68cc296983dfcfa369c4
Analyzer Verdict Alert fortinet Phishing
GET /info_files/launch-ENa2e710b79eef40758cbb936003b8b231.min.js HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 20:34:42 GMT
etag: W/"638d0462-977f7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
s2.go-mpulse.net/boomerang/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY
104.110.16.174 200 OK 50 kB URL HTTP/2 s2.go-mpulse.net/boomerang/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY
IP 104.110.16.174:0
File type C source, ASCII text, with very long lines (65103)
Hash 8991c3ec80ec8fbc41382a55679e3911
8cc8cee91d671038acd9e3ae611517d6801b0909
f55bacd4a20fef96f5c736a912d1947be85c268df18003395e511c1e860e8800
GET /boomerang/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY HTTP/1.1
Host: s2.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Fri, 25 Nov 2022 11:07:21 GMT
timing-allow-origin: *
vary: Accept-Encoding
x-n: S
content-length: 50393
date: Mon, 05 Dec 2022 09:36:48 GMT
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY
82.165.189.196 200 OK 90 kB URL HTTP/2 www.dhl-delivery-payment.com/info_files/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY
IP 82.165.189.196:0
File type C source, ASCII text, with very long lines (65103)
Hash ec22ff0a726c38f891caa26ab56f9301
6281fcf0f15815809eacae1f7fd5d4c5a00d5634
5bc77ed0c8e07f712d69e346d00efaa05d94aaab0372222c6f3f8a608b97873a
Analyzer Verdict Alert fortinet Phishing
GET /info_files/RSVGU-547KJ-ZUMZD-ZW27F-P4RHY HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: text/plain
last-modified: Sun, 04 Dec 2022 20:34:45 GMT
etag: W/"638d0465-33413"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/assets/fonts/default-274a65bae9742377aaf0.woff
82.165.189.196 404 Not Found 808 B URL HTTP/2 www.dhl-delivery-payment.com/assets/fonts/default-274a65bae9742377aaf0.woff
IP 82.165.189.196:0
File type HTML document text; exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert urlquery phishing Phishing - DHL
fortinet Phishing
GET /assets/fonts/default-274a65bae9742377aaf0.woff HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: text/html
content-length: 808
last-modified: Sun, 04 Dec 2022 20:30:33 GMT
etag: "328-5ef0671530761"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash f0ee436cb34a58c2d2818d52cfc7864d
6d60ca3d77060b70178eccdc6777f1040a97a670
5567604a66e822cbc9585200503b99145e15f621821e91734ad5e79ab2d38dd1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1857
Cache-Control: max-age=162812
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:36:48 GMT
Etag: "638d8d6b-118"
Expires: Wed, 07 Dec 2022 06:50:20 GMT
Last-Modified: Mon, 05 Dec 2022 06:19:23 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.148.64 200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (21747)
Hash 6ca9058d9138dc07d9a378e6f20a8b7b
ff5f65ad24a8e2b3042cbb0136be7edb52215c1a
1561d36bd995a09ea69c243767e196dd2e76a2753b59b78ecbf999161904f86d
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: bKkFjZE43AfZo3jm8gqLew==
last-modified: Thu, 01 Dec 2022 17:06:29 GMT
etag: 0x8DAD3BE63D96CCA
x-ms-request-id: 62e7f211-c01e-010b-1be2-0586c7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 28032
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774bccaf8ccbb509-OSL
X-Firefox-Spdy: h2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png
96.6.17.154 200 OK 1.2 kB URL HTTP/2 www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png
IP 96.6.17.154:0
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced; data
Hash 6e5f4e072a2793f9d9cd2a6974d5ccc9
df0d0b28ae71a37dd321d33435c3143a446e2741
148a09a41b13df86b44d2a1f70e2482e5d31fd91ce540a0dbe016011a5fd29b9
GET /etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
last-modified: Wed, 16 Nov 2022 16:28:22 GMT
etag: "495-5ed98f613a6da"
accept-ranges: bytes
content-length: 1173
content-type: image/png
cache-control: public, max-age=0
expires: Mon, 05 Dec 2022 09:36:48 GMT
date: Mon, 05 Dec 2022 09:36:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/favicon.ico
96.6.17.154 200 OK 1.2 kB URL HTTP/2 www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/favicon.ico
IP 96.6.17.154:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel; data
Hash d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
GET /etc/clientlibs/dhl/clientlib-all/assets/favicon.ico HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
last-modified: Thu, 17 Nov 2022 21:19:45 GMT
etag: "47e-5edb125f79c06"
accept-ranges: bytes
content-length: 1150
content-type: image/ico
cache-control: public, max-age=180684
date: Mon, 05 Dec 2022 09:36:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
c.go-mpulse.net/api/config.json?key=RSVGU-547KJ-ZUMZD-ZW27F-P4RHY&d=www.dhl-delivery-payment.com&t=5567443&v=1.720.0&sl=0&si=b43af56f-6539-4c51-bb87-ea31f5c56771-rmew18&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=326248
2.18.172.137 200 OK 51 B URL HTTP/1.1 c.go-mpulse.net/api/config.json?key=RSVGU-547KJ-ZUMZD-ZW27F-P4RHY&d=www.dhl-delivery-payment.com&t=5567443&v=1.720.0&sl=0&si=b43af56f-6539-4c51-bb87-ea31f5c56771-rmew18&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=326248
IP 2.18.172.137:0
File type JSON data, ASCII text
Hash fab3350f517d18b7477da4ae18a9c167
de5f852dd26c67317a93786d90be83834155ae4b
b5f00536668e50df07ecb903e83a51385cc341ba621ee6933be30794fdd92586
GET /api/config.json?key=RSVGU-547KJ-ZUMZD-ZW27F-P4RHY&d=www.dhl-delivery-payment.com&t=5567443&v=1.720.0&sl=0&si=b43af56f-6539-4c51-bb87-ea31f5c56771-rmew18&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=326248 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dhl-delivery-payment.com
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Content-Length: 51
Date: Mon, 05 Dec 2022 09:36:48 GMT
Connection: keep-alive
Content-Type: application/json
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5154
Expires: Mon, 05 Dec 2022 11:02:43 GMT
Date: Mon, 05 Dec 2022 09:36:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 42425
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97ab0e82-c847-4f8f-9308-0c525094c97e.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97ab0e82-c847-4f8f-9308-0c525094c97e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 7292946ed06f9cf5d53135eb21e10045
a47a6ce6420ea055ec7f1f97e70f1e695579d167
51b8e06b38328244f18e2efb0f9a2ae26ac8f699c41fc50f173eb0c4d84349b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97ab0e82-c847-4f8f-9308-0c525094c97e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8466
x-amzn-requestid: c93740a8-aaa7-4862-a8c0-b8cca762aff2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-FrkIAMFesA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-0ea7316079ab528531bf20c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L9c9vCWOopv8i1Njj5AUO0bEUNeT4qrIETJZpbFskucm7SuSJEfEGw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:55:31 GMT
age: 42078
etag: "a47a6ce6420ea055ec7f1f97e70f1e695579d167"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn_L-TMV_ypQZFmolIRm4r5dyj5PpN12jrtafcP9HEkALUPfSzJ38w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:54 GMT
age: 24655
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: d4dfc77c-65cc-46f1-b8a3-ea6cebd0976d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYE2woAMFgPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-639ca0813c23b9cb75ff24c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhweRJZbG0P_lxekUIz506RXW5f9iVQ1Cvfg-k3gJTWHIrzTu2uenQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:26:44 GMT
age: 22205
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2jx-M9MgKrJXU4yYsJzWqNXwruIGhFNWkD7GcPdqddnEzcNgFw2luw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:35:35 GMT
age: 21674
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 42850
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/AppMeasurement.min.js
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/AppMeasurement.min.js
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/AppMeasurement.min.js HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 20:34:35 GMT
etag: W/"638d045b-8315"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/clientlib-core.min.js
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/clientlib-core.min.js
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/clientlib-core.min.js HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 20:34:39 GMT
etag: W/"638d045f-1cf9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/sec-3-6.css
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/sec-3-6.css
IP 82.165.189.196:0
GET /info_files/sec-3-6.css HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 20:34:46 GMT
etag: W/"638d0466-669"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.js
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.js
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.js HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 20:34:38 GMT
etag: W/"638d045e-43924"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/clientlib-core.min.css
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/clientlib-core.min.css
IP 82.165.189.196:0
GET /info_files/clientlib-core.min.css HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Sun, 04 Dec 2022 20:34:38 GMT
etag: W/"1d-5ef067ff170ef"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json
82.165.189.196 404 Not Found 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Cookie: cookieDisclaimer=seen
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: text/html
last-modified: Sun, 04 Dec 2022 20:30:33 GMT
etag: W/"328-5ef0671530761"
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.js
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.js
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.js HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 20:34:36 GMT
etag: W/"638d045c-31637"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/sec-cpt-3-6.js
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/sec-cpt-3-6.js
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/sec-cpt-3-6.js HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 20:34:46 GMT
etag: W/"638d0466-294e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/NX18STXEB
0 B URL www.dhl-delivery-payment.com/info_files/NX18STXEB
IP :0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/NX18STXEB HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
www.dhl-delivery-payment.com/info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json
82.165.189.196 404 Not Found 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/otSDKStub.js/consent/21ea6bde-3c6a-4350-a8dc-e86228114de3/21ea6bde-3c6a-4350-a8dc-e86228114de3.json HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: text/html
last-modified: Sun, 04 Dec 2022 20:30:33 GMT
etag: W/"328-5ef0671530761"
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/otSDKStub.js
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/otSDKStub.js
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/otSDKStub.js HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 20:34:44 GMT
etag: W/"638d0464-54f4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.css
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.css
IP 82.165.189.196:0
GET /info_files/bundle.5a06c13ce82a72f9080b7294f2746e49.css HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 20:34:37 GMT
etag: W/"638d045d-9fd47"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.css
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.css
IP 82.165.189.196:0
GET /info_files/bundle-utapi.5a06c13ce82a72f9080b7294f2746e49.css HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 20:34:35 GMT
etag: W/"638d045b-95cd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/AppMeasurement_Module_ActivityMap.min.js
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/AppMeasurement_Module_ActivityMap.min.js
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 20:34:35 GMT
etag: W/"638d045b-ce5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/RCc9f7f8cb76ec492d8b222a8d9c393cfc-source.min.js
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/RCc9f7f8cb76ec492d8b222a8d9c393cfc-source.min.js
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/RCc9f7f8cb76ec492d8b222a8d9c393cfc-source.min.js HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Sun, 04 Dec 2022 20:34:45 GMT
etag: W/"386-5ef068050b084"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.dhl-delivery-payment.com/info_files/otBannerSdk.js
82.165.189.196 200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/otBannerSdk.js
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/otBannerSdk.js HTTP/1.1
Host: www.dhl-delivery-payment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dhl-delivery-payment.com/suivi.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:36:48 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 20:34:44 GMT
etag: W/"638d0464-5c44f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
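Triage of a transaction dump like the one above usually starts by pulling the indicators out of it mechanically. The Python below is an added example and not part of the original capture or of any analysis tool's code: it parses the record layout shown on this page (URL line, then a summary line of IP, status, size, protocol and URL, then the `IP` line, optional file type, hash and `Analyzer Verdict` lines, then the request and response headers), accepts the summary line whether the IP and status code are fused, as the raw tool output prints them, or separated by a space, collects indicators from every record that carries a verdict, and dates the kit deployment from the cluster of `last-modified` values on the phishing host. The sample records are trimmed copies of entries from this page (constructed test input); the field names and helper functions are my own choices.

```python
import re
from email.utils import parsedate_to_datetime

# Constructed sample: four records copied from the dump above, trimmed to a few
# headers each; "<ip><status>" is fused on the summary line as the raw tool prints it.
SAMPLE = """\
img-getpocket.cdn.mozilla.net/296x148/pic.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/pic.jpeg
IP 34.120.237.76:0
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/pic.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
HTTP/2 200 OK
www.dhl-delivery-payment.com/info_files/AppMeasurement.min.js
82.165.189.196200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/AppMeasurement.min.js
IP 82.165.189.196:0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/AppMeasurement.min.js HTTP/1.1
Host: www.dhl-delivery-payment.com
Sec-Fetch-Dest: script
HTTP/2 200 OK
last-modified: Sun, 04 Dec 2022 20:34:35 GMT
x-powered-by: PleskLin
www.dhl-delivery-payment.com/info_files/sec-3-6.css
82.165.189.196200 OK 0 B URL HTTP/2 www.dhl-delivery-payment.com/info_files/sec-3-6.css
IP 82.165.189.196:0
GET /info_files/sec-3-6.css HTTP/1.1
Host: www.dhl-delivery-payment.com
HTTP/2 200 OK
last-modified: Sun, 04 Dec 2022 20:34:46 GMT
x-powered-by: PleskLin
www.dhl-delivery-payment.com/info_files/NX18STXEB
0 B URL www.dhl-delivery-payment.com/info_files/NX18STXEB
IP :0
Analyzer Verdict Alert fortinet Phishing
GET /info_files/NX18STXEB HTTP/1.1
Host: www.dhl-delivery-payment.com
"""

# Summary line: optional "<ip><status> <reason>", then "<size> URL [proto] <url>".
# Requiring exactly three status digits disambiguates the fused ip/status form.
SUMMARY_RE = re.compile(
    r"^(?:(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) ?(?P<status>\d{3}) (?P<reason>[A-Za-z ]+?) )?"
    r"(?P<size>\d+(?:\.\d+)? k?B) URL (?:(?P<proto>HTTP/[\d.]+) )?(?P<url>\S+)$")
REQUEST_RE = re.compile(r"^[A-Z]+ \S+ HTTP/[\d.]+$")
RESPONSE_RE = re.compile(r"^HTTP/[\d.]+ (\d{3})")
HEX_RE = re.compile(r"^[0-9a-f]{32,64}$")
HASH_NAMES = {32: "md5", 40: "sha1", 64: "sha256"}
VERDICT = "Analyzer Verdict Alert "


def parse_records(text):
    """One dict per transaction: url, host, ip, status, hashes, verdicts, headers."""
    lines = text.splitlines()
    starts = [i for i, ln in enumerate(lines) if SUMMARY_RE.match(ln)]
    records = []
    for n, i in enumerate(starts):
        end = starts[n + 1] - 1 if n + 1 < len(starts) else len(lines)  # next URL line
        m = SUMMARY_RE.match(lines[i])
        rec = {"url": m["url"], "host": m["url"].split("/", 1)[0], "ip": m["ip"],
               "status": int(m["status"]) if m["status"] else None,
               "hashes": {}, "verdicts": [], "request": {}, "response": {}}
        section = "meta"
        for ln in lines[i + 1:end]:
            if REQUEST_RE.match(ln):
                section, rec["request"] = "request", {"line": ln, "headers": {}}
            elif section == "request" and RESPONSE_RE.match(ln):
                section = "response"
                rec["response"] = {"status": int(RESPONSE_RE.match(ln)[1]), "headers": {}}
            elif section == "meta":
                ln = ln[5:] if ln.startswith("Hash ") else ln
                if HEX_RE.match(ln):
                    rec["hashes"][HASH_NAMES.get(len(ln), "other")] = ln
                elif ln.startswith(VERDICT):
                    rec["verdicts"].append(ln[len(VERDICT):])
                elif rec["verdicts"] and not ln.startswith(("IP ", "File type ")):
                    rec["verdicts"].append(ln)  # a second vendor's verdict on its own line
            elif ":" in ln:
                name, _, value = ln.partition(":")
                rec[section]["headers"][name.strip().lower()] = value.strip()
        records.append(rec)
    return records


def extract_iocs(records):
    """Indicators from every record that carries an analyzer verdict."""
    flagged = [r for r in records if r["verdicts"]]
    return {"domains": sorted({r["host"] for r in flagged}),
            "ips": sorted({r["ip"] for r in flagged if r["ip"]}),
            "urls": [r["url"] for r in flagged],
            "hashes": sorted(h for r in flagged for h in r["hashes"].values())}


def deployment_window(records, host):
    """(earliest, latest) Last-Modified over the host's responses; kit files
    uploaded in one batch cluster within seconds, which dates the deployment."""
    stamps = [parsedate_to_datetime(r["response"]["headers"]["last-modified"])
              for r in records
              if r["host"] == host and "last-modified" in r["response"].get("headers", {})]
    return (min(stamps), max(stamps)) if stamps else None
```

Run over the full dump, `deployment_window` for www.dhl-delivery-payment.com spans roughly 20:30 to 20:35 UTC on 4 Dec 2022, the evening before the 5 Dec capture, which fits a kit uploaded in one batch; treat it as a hint rather than proof, since `last-modified` reflects whatever mtime the upload tool preserved. Records with no response at all (the `NX18STXEB` fetch above) parse with `ip`, `status` and `response` empty rather than being dropped, so the URL still lands in the indicator list.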