| 8ng.013.mytemp.website/hold/packet/ | 92.205.169.9 | 302 Moved Temporarily | 0 B |
URL User Request GET HTTP/1.18ng.013.mytemp.website/hold/packet/ IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /hold/packet/ HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Date: Mon, 06 May 2024 04:27:13 GMT
Server: Apache
X-Powered-By: PHP/8.2.18
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: home.php?newtoken=
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
|
|
| 8ng.013.mytemp.website/hold/packet/home.php?newtoken= | 92.205.169.9 | 200 OK | 11 kB |
URL User Request GET HTTP/1.18ng.013.mytemp.website/hold/packet/home.php?newtoken= IP92.205.169.9:80 ASN#21499 Host Europe GmbH
File typeHTML document, Unicode text, UTF-8 text, with very long lines (570), with CRLF line terminators Hashf299b3697dcb803d9ed774ddbf3bc534 eee8ad16f2351e075d84cf51bb5e4b7b17075b14 926b987f87425d6d43158decd8819c0caf0c8d7a9457717dfe4ff7ae39965787
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /hold/packet/home.php?newtoken= HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 May 2024 04:27:13 GMT
Server: Apache
X-Powered-By: PHP/8.2.18
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10596
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| 8ng.013.mytemp.website/js/app.js | 92.205.169.9 | 404 Not Found | 1.7 kB |
URL GET HTTP/1.18ng.013.mytemp.website/js/app.js IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typeHTML document, ASCII text Hash12bc9fcd7f59bd4a0c74e0477ccbad55 9c866d208d2bc04fdc136dbc1fef2e889beb9cbf cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /js/app.js HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 06 May 2024 04:27:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1699
Keep-Alive: timeout=5
Content-Type: text/html
|
|
| 8ng.013.mytemp.website/hold/packet/assets/app.css | 92.205.169.9 | 200 OK | 57 kB |
URL GET HTTP/1.18ng.013.mytemp.website/hold/packet/assets/app.css IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Hashb33e59c592eb453d12f6a53179d8ef19 5d1863f728b58d4456e1b1d824d98fe56810e69e a0b9419777f544b665051cae80f11bf8ff9f925072a9f062a3d82c383e6cdfde
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /hold/packet/assets/app.css HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 May 2024 04:27:13 GMT
Server: Apache
Last-Modified: Sat, 05 Nov 2022 09:10:48 GMT
ETag: "22a0849-65545-5ecb590e95600-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 56795
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
|
|
| 8ng.013.mytemp.website/js/session-recorder.js | 92.205.169.9 | 404 Not Found | 1.7 kB |
URL GET HTTP/1.18ng.013.mytemp.website/js/session-recorder.js IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typeHTML document, ASCII text Hash12bc9fcd7f59bd4a0c74e0477ccbad55 9c866d208d2bc04fdc136dbc1fef2e889beb9cbf cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /js/session-recorder.js HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 06 May 2024 04:27:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1699
Keep-Alive: timeout=5
Content-Type: text/html
|
|
| 8ng.013.mytemp.website/hold/packet/assets/foo.png | 92.205.169.9 | 200 OK | 18 kB |
URL GET HTTP/1.18ng.013.mytemp.website/hold/packet/assets/foo.png IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typePNG image data, 187 x 18, 8-bit/color RGBA, non-interlaced Hashf748283f1bdef35cbe2d225eccbe3895 c03c1864ca13cc124d7faf7d4bb11515fd40d814 cae9d5adf2b0220c74a93b644c26d53e27c3a87f9b5d3fe57d06442e808074a2
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /hold/packet/assets/foo.png HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 May 2024 04:27:13 GMT
Server: Apache
Last-Modified: Sat, 29 Apr 2023 10:39:12 GMT
ETag: "22a0862-44f0-5fa7733489400"
Accept-Ranges: bytes
Content-Length: 17648
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
|
|
| 8ng.013.mytemp.website/hold/packet/assets/logo.png | 92.205.169.9 | 200 OK | 2.0 kB |
URL GET HTTP/1.18ng.013.mytemp.website/hold/packet/assets/logo.png IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typePNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced Hash5d14ab93691604e826e1319d53599eb9 78724360e9d25da584445b851e37bca05abe6b85 3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /hold/packet/assets/logo.png HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 May 2024 04:27:13 GMT
Server: Apache
Last-Modified: Sat, 29 Apr 2023 10:40:20 GMT
ETag: "22a0852-7ce-5fa7737562d00"
Accept-Ranges: bytes
Content-Length: 1998
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
|
|
| 8ng.013.mytemp.website/hold/packet/assets/clan.png | 92.205.169.9 | 200 OK | 475 B |
URL GET HTTP/1.18ng.013.mytemp.website/hold/packet/assets/clan.png IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typePNG image data, 27 x 29, 8-bit/color RGBA, non-interlaced Hashe00004714ce72691e26f9b61c9810780 51385af6cb9a9d372c3151e67d331ddc1b92b3c4 b8b7e6c193f0b11bece8c12b305cbf15130bc99b32ae92426eb747a3da3264d6
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /hold/packet/assets/clan.png HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 May 2024 04:27:13 GMT
Server: Apache
Last-Modified: Sat, 05 Nov 2022 09:10:48 GMT
ETag: "22a0842-1db-5ecb590e95600"
Accept-Ranges: bytes
Content-Length: 475
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
|
|
| 8ng.013.mytemp.website/hold/packet/assets/alert.png | 92.205.169.9 | 200 OK | 469 B |
URL GET HTTP/1.18ng.013.mytemp.website/hold/packet/assets/alert.png IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typePNG image data, 20 x 18, 8-bit/color RGBA, non-interlaced Hash16291265180a2dbcd246ada0b44ea35a 63eb909a37d9730a40955bebf35542cfc1a5ede9 b36e63b78f7ab077c9f74269deec4010ae803b687b27ca13e6aa58712520bb84
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /hold/packet/assets/alert.png HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 May 2024 04:27:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 05 Nov 2022 09:10:48 GMT
ETag: "22a0848-1d5-5ecb590e95600"
Accept-Ranges: bytes
Content-Length: 469
Keep-Alive: timeout=5
Content-Type: image/png
|
|
| 8ng.013.mytemp.website/hold/packet/assets/pak.png | 92.205.169.9 | 200 OK | 380 B |
URL GET HTTP/1.18ng.013.mytemp.website/hold/packet/assets/pak.png IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typePNG image data, 32 x 27, 8-bit/color RGBA, non-interlaced Hash5c71f27c78f2fa4c03011a7c22b82496 686900b9ead294ff018699e3fa65c023e5b41de0 eb6ca62c1e5d64c52be3ffa63c298dcda2483c04c4b17d1bfe605d134e52f91b
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /hold/packet/assets/pak.png HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 May 2024 04:27:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 05 Nov 2022 09:10:48 GMT
ETag: "22a084e-17c-5ecb590e95600"
Accept-Ranges: bytes
Content-Length: 380
Keep-Alive: timeout=5
Content-Type: image/png
|
|
| 8ng.013.mytemp.website/hold/packet/assets/col.png | 92.205.169.9 | 200 OK | 682 B |
URL GET HTTP/1.18ng.013.mytemp.website/hold/packet/assets/col.png IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typePNG image data, 39 x 28, 8-bit/color RGBA, non-interlaced Hashf9f5c8ccd73adc2df4d9e3acb9e24f85 ae26c7c6a83b6446179383c3b109fbad8b92c034 381941fc8b5df86879d6e2fcf3392d281b796c33f430f045405a0e6af0e474b9
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /hold/packet/assets/col.png HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 May 2024 04:27:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 05 Nov 2022 09:10:48 GMT
ETag: "22a0858-2aa-5ecb590e95600"
Accept-Ranges: bytes
Content-Length: 682
Keep-Alive: timeout=5
Content-Type: image/png
|
|
| img1.wsimg.com/traffic-assets/js/tccl.min.js | 23.36.79.16 | 301 Moved Permanently | 0 B |
URL GET HTTP/2img1.wsimg.com/traffic-assets/js/tccl.min.js IP23.36.79.16:443 ASN#20940 Akamai International B.V.
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken= CertificateIssuerStarfield Technologies, Inc. Subject*.wsimg.com FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-length: 0
location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
cache-control: max-age=31536000
expires: Tue, 06 May 2025 04:27:14 GMT
date: Mon, 06 May 2024 04:27:14 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| 8ng.013.mytemp.website/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b | 92.205.169.9 | 404 Not Found | 1.7 kB |
URL GET HTTP/1.18ng.013.mytemp.website/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typeHTML document, ASCII text Hash12bc9fcd7f59bd4a0c74e0477ccbad55 9c866d208d2bc04fdc136dbc1fef2e889beb9cbf cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/assets/app.css
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 06 May 2024 04:27:14 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1699
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html
|
|
| img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js | 23.36.79.16 | 200 OK | 20 kB |
URL GET HTTP/2img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js IP23.36.79.16:443 ASN#20940 Akamai International B.V.
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken= CertificateIssuerStarfield Technologies, Inc. Subject*.wsimg.com FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashfdf3f3c180ae2aa6864f9c46a83a37a9 59f698af339af479bc5447e5da54778d909c7068 e301943f5f3cb3486ab3f4c75c0315e96891268a76b8663b6a490324e39d1664
GET /signals/js/clients/scc-c2/scc-c2.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://8ng.013.mytemp.website/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: zSfZtamdtBiCmRf7q6I0dc5TXg6SYAMwxO2Fn0cVkxc75aNa94ehodGTsMhV1dFuGdVHTiRr5UmxBYR/ArT8Jg==
x-amz-request-id: E0CSM1KGY3NCQ66T
last-modified: Fri, 22 Mar 2024 13:06:20 GMT
etag: "fdf3f3c180ae2aa6864f9c46a83a37a9"
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.2.5
x-amz-version-id: NUbpk_ypfZoRQFFJE7rB4qpj7fMsB7r1
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1800
expires: Mon, 06 May 2024 04:57:14 GMT
date: Mon, 06 May 2024 04:27:14 GMT
content-length: 20488
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| 8ng.013.mytemp.website/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 | 92.205.169.9 | 404 Not Found | 1.7 kB |
URL GET HTTP/1.18ng.013.mytemp.website/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typeHTML document, ASCII text Hash12bc9fcd7f59bd4a0c74e0477ccbad55 9c866d208d2bc04fdc136dbc1fef2e889beb9cbf cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/assets/app.css
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 06 May 2024 04:27:14 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1699
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html
|
|
| 8ng.013.mytemp.website/js/app.js | 92.205.169.9 | 404 Not Found | 1.7 kB |
URL GET HTTP/1.18ng.013.mytemp.website/js/app.js IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typeHTML document, ASCII text Hash12bc9fcd7f59bd4a0c74e0477ccbad55 9c866d208d2bc04fdc136dbc1fef2e889beb9cbf cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /js/app.js HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 06 May 2024 04:27:14 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1699
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html
|
|
| 8ng.013.mytemp.website/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c | 92.205.169.9 | 404 Not Found | 1.7 kB |
URL GET HTTP/1.18ng.013.mytemp.website/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typeHTML document, ASCII text Hash12bc9fcd7f59bd4a0c74e0477ccbad55 9c866d208d2bc04fdc136dbc1fef2e889beb9cbf cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/assets/app.css
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 06 May 2024 04:27:14 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1699
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html
|
|
| 8ng.013.mytemp.website/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 | 92.205.169.9 | 404 Not Found | 1.7 kB |
URL GET HTTP/1.18ng.013.mytemp.website/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typeHTML document, ASCII text Hash12bc9fcd7f59bd4a0c74e0477ccbad55 9c866d208d2bc04fdc136dbc1fef2e889beb9cbf cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/assets/app.css
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 06 May 2024 04:27:14 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1699
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html
|
|
| 8ng.013.mytemp.website/js/session-recorder.js | 92.205.169.9 | 404 Not Found | 1.7 kB |
URL GET HTTP/1.18ng.013.mytemp.website/js/session-recorder.js IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typeHTML document, ASCII text Hash12bc9fcd7f59bd4a0c74e0477ccbad55 9c866d208d2bc04fdc136dbc1fef2e889beb9cbf cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /js/session-recorder.js HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 06 May 2024 04:27:14 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1699
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html
|
|
| 8ng.013.mytemp.website/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f | 92.205.169.9 | 404 Not Found | 1.7 kB |
URL GET HTTP/1.18ng.013.mytemp.website/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f IP92.205.169.9:80 ASN#21499 Host Europe GmbH
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
File typeHTML document, ASCII text Hash12bc9fcd7f59bd4a0c74e0477ccbad55 9c866d208d2bc04fdc136dbc1fef2e889beb9cbf cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1
Host: 8ng.013.mytemp.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/hold/packet/assets/app.css
Cookie: PHPSESSID=0p9ertt0vib86tlehst5ur32ct
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 06 May 2024 04:27:14 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1699
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html
|
|
| dispatching-centre.lasamericascargo.com/js/card.js | 0.0.0.0 | | 0 B |
URL GET dispatching-centre.lasamericascargo.com/js/card.js IP0.0.0.0:0
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/card.js HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| cdn.lr-in.com/logger-1.min.js | 104.21.234.144 | 200 OK | 863 kB |
URL GET HTTP/2cdn.lr-in.com/logger-1.min.js IP104.21.234.144:443
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken= CertificateIssuerLet's Encrypt Subjectlr-in.com Fingerprint9C:36:E8:C7:3B:FC:3A:32:F6:4B:7E:92:80:E3:9C:F6:8E:D3:5C:9A ValiditySat, 09 Mar 2024 13:34:25 GMT - Fri, 07 Jun 2024 13:34:24 GMT
Size863 kB (863434 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:14 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"6d7462b8411d67643bf9b63752591c5d8948482805ef96e348b4cd661abce5d6-br"
last-modified: Fri, 03 May 2024 19:43:02 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-lcy-eglc8600060-LCY
x-cache: HIT
x-cache-hits: 1
x-timer: S1714765673.354150,VS0,VE3
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2xtgc9gsnt4q7bIk%2BiGoxkngJiWiDdwRYdh%2FFb6jQG8wVVKWj%2BFWNyxKMis6w7RzuoSadyFAcBbVNE%2Fq8lBa1zwFXwHCcut%2BV8o5oBs8VMWEYfOP6G8Xhcjb%2FPwDebyj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f63774fce93690-LHR
content-encoding: br
X-Firefox-Spdy: h2
|
|
| dispatching-centre.lasamericascargo.com/images/favicon.gif | 0.0.0.0 | | 0 B |
URL GET dispatching-centre.lasamericascargo.com/images/favicon.gif IP0.0.0.0:0
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/favicon.gif HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| dispatching-centre.lasamericascargo.com/js/intlTelInput.js | 0.0.0.0 | | 0 B |
URL GET dispatching-centre.lasamericascargo.com/js/intlTelInput.js IP0.0.0.0:0
Requested byhttp://8ng.013.mytemp.website/hold/packet/home.php?newtoken=
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/intlTelInput.js HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://8ng.013.mytemp.website/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|