djbraak.com/public/GTZ9jKYjfDIuE8RGHOpsmQY2Na30iDRk
161.97.137.90 302 Found 346 B URL HTTP/1.1 djbraak.com/public/GTZ9jKYjfDIuE8RGHOpsmQY2Na30iDRk
IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0103661036cceceea4a8fdd6ef27d64f
b69cf8cc73885996e66b48374a27ae013c6a2760
b109fe4da3a624e64c61be073c4935f07d1e250ec9570ad173f258734e8f1724
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /public/GTZ9jKYjfDIuE8RGHOpsmQY2Na30iDRk HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkRZNitEbm92RVlJQ21JNDhyREJsU0E9PSIsInZhbHVlIjoiUGlBYWw0WHIwVm1RUmRGbGF4WDhjb3NtT0MveHV6eXJZZTAzSkl1K1hPdWNtNlV5eFIvY083cGhGVlhyQ3NiZ3F3SVozVi9pV3NuQ0o4a0p0MEw2NFlXR2dxVUh4OWlUcXNIZ1VxWkQrY01qZFhkM3c4ZXp4MjhoSUplbjIzcDkiLCJtYWMiOiJmYzhkZDU2MzRjZDUyZjE5MzIzZTEzOTU5MGFiZjYzYWYzMmQyMDM4ZjNmYmQzOTA3N2ZlNDhkNTZmNjVlNTkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkxWeTVEMkNaMHFGbjJia003aUd1cGc9PSIsInZhbHVlIjoiNUxsd3pLQnFHTVVKejBibTBVbmhPVStnUFlaR0hKd2tpUWsvMU5rdmZ1NitobHVyRG5wL1ZZaWp6RzBOM1BnODFURllERmlUeDJZQ2JSZmRvTXlJMXdYNXluOHBkeFE5ZVZhN0pKWU5kL2JBTjZTdDdiaFNEcHFUVjltR2c1cmEiLCJtYWMiOiJmYWEyZGIxNWI2YTQ5OWVmYTA5MDJjN2ExN2M1ZmQ5ZGUzM2YwZjI4ZGQ4MDYzZTg2ODM5MTY4ZjgwOGU4NGMyIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 19 Nov 2022 21:46:53 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlVyOVZHZDRvbVBGTUYrdUdva3B0NkE9PSIsInZhbHVlIjoiWHpGT0tMWnMxc0JMSzd3aDlZR2M2VFoyVTh3Q2ZBU0VOWTBXVzJ1NVhudkVnNHp2M1Vvdnl2eWZMc1RjWi9EUld1K2ZpZnNNMGQ5SE1mZW03Y2lLQzRjQlRKaEhQcDVrNFRtcWRZQTdUeDhHQW5GU2RvU0dPVitNZmlIelhXSkUiLCJtYWMiOiJhMjUwOTA4NmQ0ZTRiNGMwMzAxNWMxYTBiNTgxMGExMzQ3YTcwZjg4NmQ5NmQ0NjE5ZjUzYjdiZjc4OTZiN2MyIiwidGFnIjoiIn0%3D; expires=Sat, 19-Nov-2022 23:46:53 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InphQ1o2dUNZOEwxcDhObkU1M1RpTkE9PSIsInZhbHVlIjoiT0ZncDBsTVluQmZhVDFhUTZrUEl3dmY2SjFpcjM1MzFkQ2ZVUkV5Y20rVzQrbXhUclpCVWtEU0k2RmR4eG5SNnhDY1FTWFVJc0IvYmdFakVLaG1NMWVxQzlXSVJwQ0sycUVNUEJyaXN0MWRxMFFObmtwazVQbXdsWmZQNzNLY0giLCJtYWMiOiIxNWNmMzAzZDZkNzkwMmFhOTZmNjljODhhYjUzN2NiZmMzYzI0NDE3Yjg1MGE1OTZlN2M0YTdjOWQ5OGMzZTYzIiwidGFnIjoiIn0%3D; expires=Sat, 19-Nov-2022 23:46:53 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Location: http://djbraak.com/public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7495
Expires: Sat, 19 Nov 2022 23:51:48 GMT
Date: Sat, 19 Nov 2022 21:46:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1448
Cache-Control: max-age=133708
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 21:46:53 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 10:55:21 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 21:45:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 103
alt-svc: clear
X-Firefox-Spdy: h2
djbraak.com/public
161.97.137.90 301 Moved Permanently 234 B IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6c3c56bd49f743a6a0feaaec92a697b4
ed565cdac6c2761514d65dd20b6e89611e757d57
1dffe525cd8844e737e0f43d6dc198f906bb714ece0655f4c0dcdd24207fdf03
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlVyOVZHZDRvbVBGTUYrdUdva3B0NkE9PSIsInZhbHVlIjoiWHpGT0tMWnMxc0JMSzd3aDlZR2M2VFoyVTh3Q2ZBU0VOWTBXVzJ1NVhudkVnNHp2M1Vvdnl2eWZMc1RjWi9EUld1K2ZpZnNNMGQ5SE1mZW03Y2lLQzRjQlRKaEhQcDVrNFRtcWRZQTdUeDhHQW5GU2RvU0dPVitNZmlIelhXSkUiLCJtYWMiOiJhMjUwOTA4NmQ0ZTRiNGMwMzAxNWMxYTBiNTgxMGExMzQ3YTcwZjg4NmQ5NmQ0NjE5ZjUzYjdiZjc4OTZiN2MyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InphQ1o2dUNZOEwxcDhObkU1M1RpTkE9PSIsInZhbHVlIjoiT0ZncDBsTVluQmZhVDFhUTZrUEl3dmY2SjFpcjM1MzFkQ2ZVUkV5Y20rVzQrbXhUclpCVWtEU0k2RmR4eG5SNnhDY1FTWFVJc0IvYmdFakVLaG1NMWVxQzlXSVJwQ0sycUVNUEJyaXN0MWRxMFFObmtwazVQbXdsWmZQNzNLY0giLCJtYWMiOiIxNWNmMzAzZDZkNzkwMmFhOTZmNjljODhhYjUzN2NiZmMzYzI0NDE3Yjg1MGE1OTZlN2M0YTdjOWQ5OGMzZTYzIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 19 Nov 2022 21:46:53 GMT
Server: Apache
Location: http://djbraak.com/public/
Content-Length: 234
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5039
Expires: Sat, 19 Nov 2022 23:10:52 GMT
Date: Sat, 19 Nov 2022 21:46:53 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 21:46:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ReD4JXG/APjF5GeCGoKE9+p9MeDvAykrHF9U3lKrHKcGeQECif3jGyxNyvium72s76J0tjMC5B8=
x-amz-request-id: 27DZ4M09PT5HEJT7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 21:38:28 GMT
age: 505
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 21:44:49 GMT
cache-control: public,max-age=3600
age: 124
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6178
Cache-Control: max-age=133376
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 21:46:54 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:49:50 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
djbraak.com/public/
161.97.137.90 200 OK 539 B IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2ad866defda4ee292443b2dca5b68a1c
70f50d88cb80a7624d070126bc44239763771191
6ebbb4d1118da0ec937f8399c6d543ff569b188540971e38a5985f7d9ffb3dfc
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public/ HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlVyOVZHZDRvbVBGTUYrdUdva3B0NkE9PSIsInZhbHVlIjoiWHpGT0tMWnMxc0JMSzd3aDlZR2M2VFoyVTh3Q2ZBU0VOWTBXVzJ1NVhudkVnNHp2M1Vvdnl2eWZMc1RjWi9EUld1K2ZpZnNNMGQ5SE1mZW03Y2lLQzRjQlRKaEhQcDVrNFRtcWRZQTdUeDhHQW5GU2RvU0dPVitNZmlIelhXSkUiLCJtYWMiOiJhMjUwOTA4NmQ0ZTRiNGMwMzAxNWMxYTBiNTgxMGExMzQ3YTcwZjg4NmQ5NmQ0NjE5ZjUzYjdiZjc4OTZiN2MyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InphQ1o2dUNZOEwxcDhObkU1M1RpTkE9PSIsInZhbHVlIjoiT0ZncDBsTVluQmZhVDFhUTZrUEl3dmY2SjFpcjM1MzFkQ2ZVUkV5Y20rVzQrbXhUclpCVWtEU0k2RmR4eG5SNnhDY1FTWFVJc0IvYmdFakVLaG1NMWVxQzlXSVJwQ0sycUVNUEJyaXN0MWRxMFFObmtwazVQbXdsWmZQNzNLY0giLCJtYWMiOiIxNWNmMzAzZDZkNzkwMmFhOTZmNjljODhhYjUzN2NiZmMzYzI0NDE3Yjg1MGE1OTZlN2M0YTdjOWQ5OGMzZTYzIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 21:46:54 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlFsb0xudHZnQ2xpcWFnVlk3SjdBd3c9PSIsInZhbHVlIjoiQ0ZpN3BFa0hKbjliV3BTaDBWNy9PdFBiT3VSRnJUdTZFdXQvOTIrZWIycDQwNDRTZUFQRkxWc2VML3g3R0d3em90cG9mbldwaUpzaEhjb0wweXRnSjk0WHh5a2NmRXZ1aGdWUG8zWmdFK2tCMkkrdmNUd2ZjWnlWY3NBUFJSelUiLCJtYWMiOiIwOWIwM2ViZDE1MDI1YTMzNjIxODY3YzU5YzYwMWQxZDk1MDAyZDQ2MmE4ZjM1OTVmYWU2Y2I3ZGViYjNhNDAwIiwidGFnIjoiIn0%3D; expires=Sat, 19-Nov-2022 23:46:54 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6ImVqUHprSHZ3bTlVU3k1c1YvaHdzSWc9PSIsInZhbHVlIjoiK2FOY3p6cytXTUlrL05NQWkycUJDMmhkeVk1cDZlZDRUcytldmk5aktBS05qWm04V0sxekZhNFlXWUhJOE8rKzlYdGR2cElqYnU3MnQ0eFFmZ0s1bVNUUVVPVVhaVkxqa2NmdThuM2tDQ2tBLytPZkVZWjI2b3RvYXNjRnp5YXciLCJtYWMiOiIwNGJmZmUwYTQwMzQ0MDYzNjViMTJjMWIzZjBkMTkzNWZiYWMyZmUyY2JiYjk2ZGE1NjE0ZDQ4NmMwNTgwOTA3IiwidGFnIjoiIn0%3D; expires=Sat, 19-Nov-2022 23:46:54 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2a9fe2a6d00ba6ff3f7e74a3155ad307
7a774d46922883aa10e8c0438c466d8d4dd3c542
6ccc0280c6e09ee0ad72691dd4a0db70e04798b139c3a1330f0737ee5d5f414d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5436
Cache-Control: max-age=134791
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 21:46:54 GMT
Etag: "6378a519-117"
Expires: Mon, 21 Nov 2022 11:13:25 GMT
Last-Modified: Sat, 19 Nov 2022 09:42:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2a9fe2a6d00ba6ff3f7e74a3155ad307
7a774d46922883aa10e8c0438c466d8d4dd3c542
6ccc0280c6e09ee0ad72691dd4a0db70e04798b139c3a1330f0737ee5d5f414d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5436
Cache-Control: max-age=134791
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 21:46:54 GMT
Etag: "6378a519-117"
Expires: Mon, 21 Nov 2022 11:13:25 GMT
Last-Modified: Sat, 19 Nov 2022 09:42:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
djbraak.com/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77/
161.97.137.90 301 Moved Permanently 266 B URL HTTP/1.1 djbraak.com/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77/
IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d0db225076cd0bd65a3723aadeb1dfaf
f0019ff9afdcf20778031e8f6031ab046461f688
6b7885e1038f4d60af4906c2b46f3e5a0af6ba6dd2e09b9e5e7ab65d99b3c63f
GET /rnHYdYQlWIKKwPI72o6vciSZRcMPQt77/ HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://djbraak.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6IlFsb0xudHZnQ2xpcWFnVlk3SjdBd3c9PSIsInZhbHVlIjoiQ0ZpN3BFa0hKbjliV3BTaDBWNy9PdFBiT3VSRnJUdTZFdXQvOTIrZWIycDQwNDRTZUFQRkxWc2VML3g3R0d3em90cG9mbldwaUpzaEhjb0wweXRnSjk0WHh5a2NmRXZ1aGdWUG8zWmdFK2tCMkkrdmNUd2ZjWnlWY3NBUFJSelUiLCJtYWMiOiIwOWIwM2ViZDE1MDI1YTMzNjIxODY3YzU5YzYwMWQxZDk1MDAyZDQ2MmE4ZjM1OTVmYWU2Y2I3ZGViYjNhNDAwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImVqUHprSHZ3bTlVU3k1c1YvaHdzSWc9PSIsInZhbHVlIjoiK2FOY3p6cytXTUlrL05NQWkycUJDMmhkeVk1cDZlZDRUcytldmk5aktBS05qWm04V0sxekZhNFlXWUhJOE8rKzlYdGR2cElqYnU3MnQ0eFFmZ0s1bVNUUVVPVVhaVkxqa2NmdThuM2tDQ2tBLytPZkVZWjI2b3RvYXNjRnp5YXciLCJtYWMiOiIwNGJmZmUwYTQwMzQ0MDYzNjViMTJjMWIzZjBkMTkzNWZiYWMyZmUyY2JiYjk2ZGE1NjE0ZDQ4NmMwNTgwOTA3IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 19 Nov 2022 21:46:54 GMT
Server: Apache
Location: http://djbraak.com/public/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77
Content-Length: 266
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
push.services.mozilla.com/
54.148.17.90 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.17.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IcGu6DqqBebDqkY6b94sQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NA+3ov3LD7PVK8hOclWqrRa655s=
djbraak.com/public/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77
161.97.137.90 200 OK 60 kB URL HTTP/1.1 djbraak.com/public/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77
IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39884)
Hash 2097208e70e767407057db9588bd761c
0d2b6000129113e86199c07f51fb0e892b13f7cc
d3d38b34dd027999e3f3fb30ce52723c610c26726f5982395f1efd08810c423a
GET /public/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77 HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://djbraak.com/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlFsb0xudHZnQ2xpcWFnVlk3SjdBd3c9PSIsInZhbHVlIjoiQ0ZpN3BFa0hKbjliV3BTaDBWNy9PdFBiT3VSRnJUdTZFdXQvOTIrZWIycDQwNDRTZUFQRkxWc2VML3g3R0d3em90cG9mbldwaUpzaEhjb0wweXRnSjk0WHh5a2NmRXZ1aGdWUG8zWmdFK2tCMkkrdmNUd2ZjWnlWY3NBUFJSelUiLCJtYWMiOiIwOWIwM2ViZDE1MDI1YTMzNjIxODY3YzU5YzYwMWQxZDk1MDAyZDQ2MmE4ZjM1OTVmYWU2Y2I3ZGViYjNhNDAwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImVqUHprSHZ3bTlVU3k1c1YvaHdzSWc9PSIsInZhbHVlIjoiK2FOY3p6cytXTUlrL05NQWkycUJDMmhkeVk1cDZlZDRUcytldmk5aktBS05qWm04V0sxekZhNFlXWUhJOE8rKzlYdGR2cElqYnU3MnQ0eFFmZ0s1bVNUUVVPVVhaVkxqa2NmdThuM2tDQ2tBLytPZkVZWjI2b3RvYXNjRnp5YXciLCJtYWMiOiIwNGJmZmUwYTQwMzQ0MDYzNjViMTJjMWIzZjBkMTkzNWZiYWMyZmUyY2JiYjk2ZGE1NjE0ZDQ4NmMwNTgwOTA3IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 21:46:54 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; expires=Sat, 19-Nov-2022 23:46:54 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; expires=Sat, 19-Nov-2022 23:46:54 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 87267e965daada0e9ce0fc90c53f3c63
1536e48aae5950d49f36e0a0c92e0f5bb0bc890a
a1869d3808e49959d81c7cbf817f7f2dd15df9b00a6db770fac5f9681747bb0c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3229
Cache-Control: max-age=125408
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 21:46:54 GMT
Etag: "63788912-1d7"
Expires: Mon, 21 Nov 2022 08:37:02 GMT
Last-Modified: Sat, 19 Nov 2022 07:43:14 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14 200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://djbraak.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 21:46:54 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 711523
expires: Thu, 09 Nov 2023 21:46:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaBeY22BRF6tzqsW1PeJURDCJTAvoQPWTqRsvJNqhn4RvUy4SDAmJzDH0YBRTZ4zCN78K4n9vyyUoLV81SEzRx8lrha90cIXAYNS5QEucc8ySHKZSRUjgJs0ONJDDFOMc0DGO07c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76cc242d8fedb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 9289a79ff06d32c80223b65209c32b34
484b585549b33f7ae4cc5ca935cb789b4e0fb031
cba0daf59a35cff0bedd42efd4bdd81fce42c036225ae5222dd1022bb47925d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1673
Cache-Control: max-age=146151
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 21:46:54 GMT
Etag: "6378e02c-116"
Expires: Mon, 21 Nov 2022 14:22:45 GMT
Last-Modified: Sat, 19 Nov 2022 13:54:52 GMT
Server: ECS (amb/6B80)
X-Cache: HIT
Content-Length: 278
djbraak.com/public/js/session-recorder.js
161.97.137.90 200 OK 45 kB URL HTTP/1.1 djbraak.com/public/js/session-recorder.js
IP 161.97.137.90:0
File type ASCII text, with very long lines (44992)
Hash 701984b4995f3c29820e83c999b7eb23
a3b50104a3bfa05bf59a317273816c7d8ae1f81d
67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /public/js/session-recorder.js HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://djbraak.com/public/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 21:46:55 GMT
Server: Apache
Last-Modified: Tue, 29 Mar 2022 20:35:56 GMT
Accept-Ranges: bytes
Content-Length: 45066
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
djbraak.com/public/js/app.js
161.97.137.90 200 OK 1.6 MB URL HTTP/1.1 djbraak.com/public/js/app.js
IP 161.97.137.90:0
Size 1.6 MB (1613806 bytes)
Hash fd900f643203761f2eeca2132fc15f1d
375f23ca9ad75b647373bda03b02e2d0f6e729be
399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /public/js/app.js HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://djbraak.com/public/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 21:46:54 GMT
Server: Apache
Last-Modified: Tue, 29 Mar 2022 20:35:56 GMT
Accept-Ranges: bytes
Content-Length: 1613806
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
djbraak.com/images/logo.png
161.97.137.90 200 OK 2.0 kB URL HTTP/1.1 djbraak.com/images/logo.png
IP 161.97.137.90:0
File type PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d14ab93691604e826e1319d53599eb9
78724360e9d25da584445b851e37bca05abe6b85
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
GET /images/logo.png HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://djbraak.com/public/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 21:46:55 GMT
Server: Apache
Last-Modified: Sun, 17 Apr 2022 14:24:00 GMT
Accept-Ranges: bytes
Content-Length: 1998
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
djbraak.com/images/all.png
161.97.137.90 200 OK 13 kB URL HTTP/1.1 djbraak.com/images/all.png
IP 161.97.137.90:0
Hash 3d6cdffb587778a857a238031dc07b1f
1f03b97f9fd9362e5b0d2e5ca66f63e55d9ddf35
3fc227b2f12554cff2a5c85d2392d4e20f6ef5345182e13d441ae1e5766853cb
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
GET /images/all.png HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://djbraak.com/public/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 21:46:55 GMT
Server: Apache
Last-Modified: Sun, 17 Apr 2022 14:24:34 GMT
Accept-Ranges: bytes
Content-Length: 12499
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 502b6b64c2137a5099c74235e79a3725
5cf341b9d5bcd5299248b4d9f3d4d6d6eaab1f2a
29c468fcf5b09b175b68f072ad1464aba11a3332db51ef2d69508d14c4c82485
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5802
Cache-Control: max-age=151036
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 21:46:55 GMT
Etag: "6378e321-117"
Expires: Mon, 21 Nov 2022 15:44:11 GMT
Last-Modified: Sat, 19 Nov 2022 14:07:29 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
djbraak.com/images/foo.png
161.97.137.90 404 Not Found 6.6 kB URL HTTP/1.1 djbraak.com/images/foo.png
IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
GET /images/foo.png HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://djbraak.com/public/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
HTTP/1.1 404 Not Found
Date: Sat, 19 Nov 2022 21:46:55 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
djbraak.com/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
161.97.137.90 404 Not Found 6.6 kB URL HTTP/1.1 djbraak.com/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://djbraak.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
HTTP/1.1 404 Not Found
Date: Sat, 19 Nov 2022 21:46:55 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
djbraak.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
161.97.137.90 404 Not Found 6.6 kB URL HTTP/1.1 djbraak.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://djbraak.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
HTTP/1.1 404 Not Found
Date: Sat, 19 Nov 2022 21:46:55 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 21:46:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 21:46:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 21:46:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 21:46:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 21:46:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s1153EpshSWYGLcN7Zzzs4PgXl9cddZ20gTwh5bK2HOBu4e_PSNCpQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:36:46 GMT
age: 65409
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1e751db3c22be366e4bef8b30644677
a2147825fc70ee46cdff2c5857646078c7cc3dad
713e83ce024a939bbc34268a18ea20e6e18fedeeeb6c5e5788df9b473c1c1c27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7659
x-amzn-requestid: 78936c00-59d6-45ae-97fe-b038a9748078
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i0BFtdoAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b4c-45f909677dc2cece6f0e27aa;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -B6mMWjuXxI3rVMu78ut9_BICmn-XzHWHfmj5Xi6H0OoXSAMCPNm0Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
etag: "a2147825fc70ee46cdff2c5857646078c7cc3dad"
content-type: image/jpeg
age: 311
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8f1dddf91a53f8f28d70565d1a3458b
9d026c2c53629648cfda4a324eadae6e33de0d55
c352216d126382d7b588ff6e5a3ed6ab12d92dc5e58216cc5883c27bf612a7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7968
x-amzn-requestid: 0dc9cfbf-7e72-45a7-9496-49a5cf1a4465
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jZmEwboAMF1tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c3d-1f40770e29ad853b31a3aa23;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UM4MVSwb8F1uv2jbbdeh8bhV3KJNhqiN9wJj1Yua8h4x762uD8UKyQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
age: 311
etag: "9d026c2c53629648cfda4a324eadae6e33de0d55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4454f87c40e9b7c5de9853c1ec6f0671
119aac07a88e7c358bf353335f3a81039ca9943b
e909f823611609282c643c58ccc7b267dcfc09970e58b66742dc8baf7cda5bf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5699
x-amzn-requestid: ea538aed-2b5a-4940-b49f-b4703a556956
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i6KHnQoAMFu3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b74-2f756f9a27ddc4b001cdaff2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:36 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w4JqPNmzHlUl4EMM2osU4Z5dtroFWOB0DL5ylePs6XBbIdxpsPItnQ==
via: 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
etag: "119aac07a88e7c358bf353335f3a81039ca9943b"
content-type: image/jpeg
age: 311
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51792f65-6e89-49e5-9135-0a8a2de2ab9c.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51792f65-6e89-49e5-9135-0a8a2de2ab9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3c8c476db4c44614c4ba79f584acf65
35318fa392a72f49f293bfd582960d195065403a
61af67d251bb0523cbf938ed497f540a7529d8130b1950bde9ce2bf8cef3dcfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51792f65-6e89-49e5-9135-0a8a2de2ab9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6953
x-amzn-requestid: b224cf31-9132-4af2-b4ad-0fde224e7222
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jZmEXoIAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c3d-3b19e98831138506588e2229;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2ef6C4hpAZo72BfD46AxHqw-Pd4ywBJxE9FkQRGu31ymPd0zRuz4PA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
age: 311
etag: "35318fa392a72f49f293bfd582960d195065403a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79ccaf63b8e37223509518f540b26f54
fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71
950ae082472515d39c9e3440cee399376e99840651ff04c4d2581951e44163de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9653
x-amzn-requestid: 06932e2b-59fa-4e05-aad3-65d7e2045e13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i5fHJEoAMF8Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b6f-0062640e7868cf664bcf26d2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6eFgEWflu3zqDd4J838DeZiPxNafliBVrce95D_29-oviwINWR2bkw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
etag: "fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71"
content-type: image/jpeg
age: 311
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
djbraak.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
161.97.137.90 404 Not Found 6.6 kB URL HTTP/1.1 djbraak.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://djbraak.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
HTTP/1.1 404 Not Found
Date: Sat, 19 Nov 2022 21:46:55 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
djbraak.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775
161.97.137.90 404 Not Found 6.6 kB URL HTTP/1.1 djbraak.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775
IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://djbraak.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
HTTP/1.1 404 Not Found
Date: Sat, 19 Nov 2022 21:46:55 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
54.196.26.227 101 Switching Protocols 0 B URL HTTP/1.1 ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
IP 54.196.26.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://djbraak.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7Q+Aii3HcpdRcq4GzJluSw==
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 19 Nov 2022 21:46:55 GMT
Connection: upgrade
Server: nginx/1.17.7
Upgrade: websocket
Sec-WebSocket-Accept: N5PKfxrQy6n2D+0YWuwKQtMIHlA=
djbraak.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
161.97.137.90 404 Not Found 6.6 kB URL HTTP/1.1 djbraak.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://djbraak.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-2f450e9a-ab6d-4e6f-84fd-079b4f46f46a%22%2C%22lastActivity%22:1668894415632}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668894415633}
HTTP/1.1 404 Not Found
Date: Sat, 19 Nov 2022 21:46:55 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
djbraak.com/images/favicon.gif
161.97.137.90 200 OK 2.2 kB URL HTTP/1.1 djbraak.com/images/favicon.gif
IP 161.97.137.90:0
File type MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Hash a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
GET /images/favicon.gif HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://djbraak.com/public/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-2f450e9a-ab6d-4e6f-84fd-079b4f46f46a%22%2C%22lastActivity%22:1668894415632}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668894415633}; _lr_uf_-mnnzup=1dc2a00e-7e0c-44d4-a818-80eb6100f1a8
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 21:46:56 GMT
Server: Apache
Last-Modified: Sun, 17 Apr 2022 14:25:28 GMT
Accept-Ranges: bytes
Content-Length: 2238
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
djbraak.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603
161.97.137.90 404 Not Found 6.6 kB URL HTTP/1.1 djbraak.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603
IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery Phishing - DHL
openphish DHL Airways, Inc.
fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://djbraak.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-2f450e9a-ab6d-4e6f-84fd-079b4f46f46a%22%2C%22lastActivity%22:1668894415632}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668894415633}; _lr_uf_-mnnzup=1dc2a00e-7e0c-44d4-a818-80eb6100f1a8
HTTP/1.1 404 Not Found
Date: Sat, 19 Nov 2022 21:46:56 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
djbraak.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
161.97.137.90 404 Not Found 6.6 kB URL HTTP/1.1 djbraak.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
IP 161.97.137.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery Phishing - DHL
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://djbraak.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-2f450e9a-ab6d-4e6f-84fd-079b4f46f46a%22%2C%22lastActivity%22:1668894415632}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668894415633}; _lr_uf_-mnnzup=1dc2a00e-7e0c-44d4-a818-80eb6100f1a8
HTTP/1.1 404 Not Found
Date: Sat, 19 Nov 2022 21:46:56 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0149a207e59dd08e82cf7d1c886d1124
1d4fb5c8abebe5148047ee847248de3b48aa011d
a9b469ac5b47806b6bb51c3d1638a5bdfdaf0dbe30486302cdd055a7b0df5e7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9B469AC5B47806B6BB51C3D1638A5BDFDAF0DBE30486302CDD055A7B0DF5E7D"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6918
Expires: Sat, 19 Nov 2022 23:42:16 GMT
Date: Sat, 19 Nov 2022 21:46:58 GMT
Connection: keep-alive
r.lr-in.com/i?a=mnnzup%2Fdus&r=5-2f450e9a-ab6d-4e6f-84fd-079b4f46f46a&t=36d5cad5-c767-4fe2-8282-08d7b821d856&s=0&rs=0%2Cu&u=ba28cfa2-9adf-49a3-8949-88df4e3e88f6
104.198.23.205 201 Created 104 B URL HTTP/2 r.lr-in.com/i?a=mnnzup%2Fdus&r=5-2f450e9a-ab6d-4e6f-84fd-079b4f46f46a&t=36d5cad5-c767-4fe2-8282-08d7b821d856&s=0&rs=0%2Cu&u=ba28cfa2-9adf-49a3-8949-88df4e3e88f6
IP 104.198.23.205:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 189e5aa5a897b0373bbde8ab5b70865d
6ca5b523eeae8ce1228d6cd12044762d6317b710
56c57ddb04140a37df2f0b9ae80dbdd58368da58e2705746420039eeb6a60b90
POST /i?a=mnnzup%2Fdus&r=5-2f450e9a-ab6d-4e6f-84fd-079b4f46f46a&t=36d5cad5-c767-4fe2-8282-08d7b821d856&s=0&rs=0%2Cu&u=ba28cfa2-9adf-49a3-8949-88df4e3e88f6 HTTP/1.1
Host: r.lr-in.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 390857
Origin: http://djbraak.com
Connection: keep-alive
Referer: http://djbraak.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
date: Sat, 19 Nov 2022 21:46:59 GMT
content-type: application/json; charset=utf-8
content-length: 104
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
etag: W/"68-bKW1I+6ujOEijWzRIER2LWMXtxA"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-ClickHouse-Override,X-LogRocket-ClickHouse-Enabled-Queries
access-control-max-age: 1728000
X-Firefox-Spdy: h2
files.killbot.org/.cdn-cgi/killbot-security.js
172.67.166.105 404 Not Found 0 B URL HTTP/2 files.killbot.org/.cdn-cgi/killbot-security.js
IP 172.67.166.105:0
GET /.cdn-cgi/killbot-security.js HTTP/1.1
Host: files.killbot.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://djbraak.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 19 Nov 2022 21:46:54 GMT
content-type: text/html
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
cache-control: max-age=14400
cf-cache-status: HIT
age: 35
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35O8AHYK2Vg%2B3%2B%2FmgMwZouejnIRLlwY53qIzIYe%2FAiXHFJHnb%2Fa5KGjy1mMGSGzyIuQiSD95XY7m0l8eDTg6p5Em81kjzzf%2BdmYoIhjXCtKaXl3dY%2Bbjj%2BqVAtEsqPu%2BIQ15SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cc24297894b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
djbraak.com/public/css/app.css
161.97.137.90 200 OK 0 B URL HTTP/1.1 djbraak.com/public/css/app.css
IP 161.97.137.90:0
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /public/css/app.css HTTP/1.1
Host: djbraak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://djbraak.com/public/rnHYdYQlWIKKwPI72o6vciSZRcMPQt77
Cookie: XSRF-TOKEN=eyJpdiI6IlRIL3kxZ1dRekxYenU3a0gxNS9YNEE9PSIsInZhbHVlIjoibEFjR2N6Z29hQmZydnY5N3JSVUtxWnZMZDFBNy93QVlxN083Vng2OE5pMDR4QWF3RnhZejg0cWs3Nm1zTjY0WDVqUUVEZXE2YXBTQ3lsV2tMZG9vUVJaQzZ0R2FBVk0vZmZBYnR4WnAzKzFkTEpWeFZ2R1h4VHd6QjNCUkZWbTEiLCJtYWMiOiIyNDBhOTRjYTJlYjFlZmU2NTE2NTVkZTQxYzVmNzFiY2MwY2RhMjgxNjc0MjE4MjQ4NmFhZTViM2EwOWE1YTg2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5ndTcrYlFRdXlTc3d5TmNZa00walE9PSIsInZhbHVlIjoiTytRK3U1T3FFakdGZEFUOFJCTnkwb2FDdnZ4L3VqaUtyNkFQK0x1WXJrd2ljUnI0OHBmeEdwTVBCKzVpdXA5WUcrVmFzdlo1czdJcEtMQWovcTRTSVVZM05RQ1BoUVViNTBXUnRLNWFDL0s3TUIyc016VVpVUFIyZkh2WEkxWGIiLCJtYWMiOiI1MDVhNjNmZjY5MDdkZjMwZGY2ODkxYjBhOGJiNjM4ZmU4YzhiYTVhYjAxZDY3YmE3NjY1YmU0ZmJiZmE2NDliIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-f4340e43-adeb-41cd-bc40-5a51d0f6085a%22%2C%22lastActivity%22:1668891713287}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1668891713288}
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 21:46:54 GMT
Server: Apache
Last-Modified: Tue, 29 Mar 2022 21:11:08 GMT
Accept-Ranges: bytes
Content-Length: 439658
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
static.hotjar.com/c/hotjar-2895475.js?sv=6
143.204.55.98 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2895475.js?sv=6
IP 143.204.55.98:0
GET /c/hotjar-2895475.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://djbraak.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sat, 19 Nov 2022 21:46:31 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/323ddb947769b3e3fe2793fc7c058f7f
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dEPnxGwAbClSw5arcg0BRjzXRtKeDKPwT6iIapFXFJVbH1hKjWTYfg==
age: 25
X-Firefox-Spdy: h2
kit.fontawesome.com/f7165dd215.js
104.18.23.52 200 OK 0 B URL HTTP/2 kit.fontawesome.com/f7165dd215.js
IP 104.18.23.52:0
GET /f7165dd215.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://djbraak.com
Connection: keep-alive
Referer: http://djbraak.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 21:46:55 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyijpKHTHW5qr9guVvOi
cf-cache-status: HIT
server: cloudflare
cf-ray: 76cc242d8b12b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2