Report - package.dittugarments.com/public/2fzLYGb2FcjwGKzQIeJAa4k0foHCGJCU

Report Overview

Visited public
2023-11-28 11:07:23
Tags
dhl logistics phishing suspicious
URL
package.dittugarments.com/public/2fzLYGb2FcjwGKzQIeJAa4k0foHCGJCU
Finishing URL
package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
IP / ASN
167.114.30.172
#16276 OVH SAS
Title
Delivery
Phishing - DHL
Suspicious - Suspicious Javascript code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-11-28 05:09:10	1.4 kB	2.2 kB	151.101.1.229
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-11-28 05:09:25	2.3 kB	720 kB	104.17.24.14
cdn.s-pass.org	unknown	2011-10-25	2022-06-08 13:11:38	2023-11-27 19:24:55	559 B	5.8 kB	172.67.75.167
sockjs-mt1.pusher.com	21675	1997-06-03	2015-11-25 16:29:46	2023-11-27 18:10:26	1.3 kB	894 B	44.217.82.191
dispatching-centre.lasamericascargo.com	unknown	2000-05-05	2022-04-06 21:56:33	2023-11-27 08:02:40	473 B	0 B	0.0.0.0
cdn.lr-in.com	13237	2021-07-19	2021-07-19 16:36:56	2023-11-28 08:57:39	427 B	847 kB	104.21.234.145
package.dittugarments.com	unknown	2022-10-20	2023-11-21 10:22:39	2023-11-28 09:07:59	29 kB	3.3 MB	167.114.30.172
ws-mt1.pusher.com	8253	1997-06-03	2018-09-20 13:30:02	2023-11-28 07:11:23	2.5 kB	1.1 kB	35.171.236.208
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-28 07:52:06	489 B	9.7 kB	142.250.74.106
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-11-28 05:10:06	878 B	69 kB	151.101.194.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-11-26	medium	package.dittugarments.com/public/2fzLYGb2FcjwGKzQIeJAa4k0foHCGJCU	DHL Airways, Inc.
2023-11-21	medium	package.dittugarments.com/public	DHL Airways, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	From	Size	First Seen	Last Seen
	package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc	ScriptElement	248 B	2023-03-13	2024-11-26
Pretty URL package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc IP 167.114.30.172 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 17:37 Last Seen2024-11-26 00:24 Times Seen1294 Hash 4650ef73be9884bdea100c5f58eb3ce0 0604200a9b4548990be2b6bddd564b755f41853d ea625b24a834457af4291263a5886ef3b7967ddd661aa1b111aefe454a948ab8 Loading...

	code.jquery.com/jquery-1.12.4.min.js	ScriptElement	97 kB	2023-03-07	2025-05-11
Pretty URL code.jquery.com/jquery-1.12.4.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 17:40 Times Seen29048 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	package.dittugarments.com/public/dinzab/app.js	ScriptElement	920 kB	2023-03-08	2024-11-26
Pretty URL package.dittugarments.com/public/dinzab/app.js IP 167.114.30.172 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22 Last Seen2024-11-26 00:24 Times Seen3375 Hash 508afd6ff9ab52ce8f480d35568038d1 b5d9891100e0dce59cee59b75a098a1ae64c779b 8af18273c1833477cf810c4e3a76f483b6a6064571d25ea7742d8708378c8f09 Loading...

	package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc	ScriptElement	86 B	2024-08-20	2024-08-20
Pretty URL package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc IP 167.114.30.172 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:36 Last Seen2024-08-20 17:36 Times Seen1 Hash 1ccaab6c6a4266ca631ec7059ba82fc4 7af4d5d2ee6e3a6066bd65695f471908c07e71de 9505543529ae7e5c378ad889b5d4e09e8cda02647a713692688bea16f4ba58c3 Loading...

	package.dittugarments.com/public/dinzab/card.js	ScriptElement	59 kB	2023-03-07	2024-11-26
Pretty URL package.dittugarments.com/public/dinzab/card.js IP 167.114.30.172 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24 Last Seen2024-11-26 00:24 Times Seen3420 Hash 30e93a747ba8285615cfbc3643dc1a62 3a55f9d6ac708f519d351ea0b69083457778ec9d 18c4b9b4c27233b541a47300a4ee98239e1f8dec4bbcd9fabb6bdad12ca82025 Loading...

	package.dittugarments.com/public/dinzab/data.js	ScriptElement	12 kB	2023-03-08	2024-11-26
Pretty URL package.dittugarments.com/public/dinzab/data.js IP 167.114.30.172 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22 Last Seen2024-11-26 00:24 Times Seen3385 Hash a2b78e86240966cda00a463614e4f3dd a2606f30f77bb9f235746059db16b0ee8b585c31 55e47db856701715f613de8674bd0c67604cc304514b791bed402866d18c8557 Loading...

	package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc	ScriptElement	1.8 kB	2023-11-21	2024-08-20
Pretty URL package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc IP 167.114.30.172 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-21 18:36 Last Seen2024-08-20 18:26 Times Seen931 Hash 1cfd41806ce319f7e19ad8f976e039a0 5fe5871ed4c3dc818cc911fec6a8afd06fbc7931 7c6a0f51b17d5006f90db0c90713cb6a3ce661ee5ebe319b003fcdebf05a9b1b Loading...

	package.dittugarments.com/public/dinzab/countrySelect.js	ScriptElement	37 kB	2023-03-08	2024-11-26
Pretty URL package.dittugarments.com/public/dinzab/countrySelect.js IP 167.114.30.172 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22 Last Seen2024-11-26 00:24 Times Seen3400 Hash ee3d5d4880b5dac09d9ca3c23cdd28da f95728f89723a079442d67ed6aa38abf8ecab4fd 657baddf2724ae4570fa40c00dddefa3379b5709ac06ceb536f6177a1bfc394f Loading...

	cdn.lr-in.com/logger-1.min.js	ScriptElement	846 kB	2023-11-28	2024-08-20
Pretty URL cdn.lr-in.com/logger-1.min.js IP 104.21.234.145 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 00:11 Last Seen2024-08-20 17:40 Times Seen168 Hash a461bcdb357c97b284f77637bbed3305 0b04b12bc7e5e0e87bf5c99808fae1cce8c1df55 c3e314716bf4c60fa9ceffc83f7437117390542adcf29b895d6603a8147f0205 Loading...

	cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/imask.min.js	ScriptElement	46 kB	2023-03-07	2025-05-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/imask.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-11 15:03 Times Seen3790 Hash 79c82646b886e08184f7b9fff25e64ff 804b4b0f8f3443ff05833e33fb5b76780ffafe25 8b76b3502583edddf22df0b9c6ee640053a2cdfeaa113ceff3ea9b61d1f6410d Loading...

	cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/js/all.min.js	ScriptElement	1.1 MB	2023-03-07	2025-05-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/js/all.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50 Last Seen2025-05-11 17:58 Times Seen3419 Hash 61008443488f4e7f60d5a5055483187e b56375acc5e062f79280440459d0d7b0f10a290b 1d3f596f76f53d53ef7cb1ffeffd6f791b54bd639b42e4f23e7f2d7b36f91c48 Loading...

	package.dittugarments.com/public/dinzab/intlTelInput.js	ScriptElement	89 kB	2023-03-08	2025-04-19
Pretty URL package.dittugarments.com/public/dinzab/intlTelInput.js IP 167.114.30.172 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22 Last Seen2025-04-19 03:06 Times Seen3650 Hash 9146aa46d1f409004183b86f202c4607 717a6d53527fe31ec1c4eef9022b06e5d4d6f6a5 b188900aaff98a87fc69519ab04437aa735708b4b92f2adcab6937d2a1d42e37 Loading...

	package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc	ScriptElement	866 B	2023-03-13	2024-08-21
Pretty URL package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc IP 167.114.30.172 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 17:37 Last Seen2024-08-21 03:49 Times Seen1266 Hash e1784cbe55975edfe3edc273d04e6427 8e4aeb9d5897da9a00f6c3d1b3020f0838bcdead 3af742559ea4b2e491eb2f5bbd4dea73e6f5e0676470eb72dfd1aa13abd134f8 Loading...

HTTP Transactions (46)

URL IP Response Size

package.dittugarments.com/public/2fzLYGb2FcjwGKzQIeJAa4k0foHCGJCU

167.114.30.172

406 B

URL
package.dittugarments.com/public/2fzLYGb2FcjwGKzQIeJAa4k0foHCGJCU
IP
167.114.30.172:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
406 B (406 bytes)
Hash
59f665f4e8b0de50ce9f4d3b3986738e
09472b45ea37760858f630988f50d69b1583f445
704abe42375f89894e44312a52e5172cdf8e94e26a4a3c6382de1844af07e366

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /public/2fzLYGb2FcjwGKzQIeJAa4k0foHCGJCU HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 28 Nov 2023 11:07:05 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ijgrd1EwT1dSWmRPd3R4UTFNM2JPTVE9PSIsInZhbHVlIjoiNjA1NXdudlhDd3c2MzJYZUFScG54TE5HcmxSNFJRQis0NjdodE9KaTJYTEoxWlNWSzlEaEVGaTFzckl1c0VLWkpqN0Y0dUMxNlQvTHZpQ1U1cUp5S3JlZDlXSWJOakhwV3paMXJXQ3I0eXUrbkdpcGFqdXF3bWhMc0hpRkZZWkEiLCJtYWMiOiIwY2E3Yzk3Njc1YTNmMDgwZWZmNzQzY2YzYTVmZWE1NzViZjEzOGNiZDVlNzM3NjkxYmFhZTRjOTU5NzQ1ZjgwIiwidGFnIjoiIn0%3D; expires=Tue, 28-Nov-2023 13:07:05 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IldDbEkrc0RsVUtDZTdGc1RQSS9ubnc9PSIsInZhbHVlIjoienFkSmJrR1NUWGFjaXp1ZDJvZm1XMlVoL0hQL2ZFbTVxcGpTVVdDdFhyOVhmQjJLcGd6ZWxBeU5STG14TjZtamY0TDhGdU9nZ3VlSkhiSThvaGV6cDRNaFRvSW9vQThyaWZMU2MydFM3bkx5SExjNDg4ZGVPandVNTc3emdBeEoiLCJtYWMiOiJlNjcyM2FlNWVhZTUwMjA1MTkxYjE1NWQ3Njk5MTAwZWRkMWVkNDM2ZTkxYmFkN2JmNmMwNjMyYmEwMzFlYmQxIiwidGFnIjoiIn0%3D; expires=Tue, 28-Nov-2023 13:07:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Location: https://package.dittugarments.com/public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

package.dittugarments.com/public

167.114.30.172

249 B

URL
package.dittugarments.com/public
IP
167.114.30.172:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
249 B (249 bytes)
Hash
a8e11bccdd02a57c9f088693a6595edb
2e29945d816bf9d4d8f244a8e60f671410098d1d
3fd5f6483304c2d479276375ef9ad5d751348bfdb8e188f304b7c79c53388c43

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /public HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ijgrd1EwT1dSWmRPd3R4UTFNM2JPTVE9PSIsInZhbHVlIjoiNjA1NXdudlhDd3c2MzJYZUFScG54TE5HcmxSNFJRQis0NjdodE9KaTJYTEoxWlNWSzlEaEVGaTFzckl1c0VLWkpqN0Y0dUMxNlQvTHZpQ1U1cUp5S3JlZDlXSWJOakhwV3paMXJXQ3I0eXUrbkdpcGFqdXF3bWhMc0hpRkZZWkEiLCJtYWMiOiIwY2E3Yzk3Njc1YTNmMDgwZWZmNzQzY2YzYTVmZWE1NzViZjEzOGNiZDVlNzM3NjkxYmFhZTRjOTU5NzQ1ZjgwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IldDbEkrc0RsVUtDZTdGc1RQSS9ubnc9PSIsInZhbHVlIjoienFkSmJrR1NUWGFjaXp1ZDJvZm1XMlVoL0hQL2ZFbTVxcGpTVVdDdFhyOVhmQjJLcGd6ZWxBeU5STG14TjZtamY0TDhGdU9nZ3VlSkhiSThvaGV6cDRNaFRvSW9vQThyaWZMU2MydFM3bkx5SExjNDg4ZGVPandVNTc3emdBeEoiLCJtYWMiOiJlNjcyM2FlNWVhZTUwMjA1MTkxYjE1NWQ3Njk5MTAwZWRkMWVkNDM2ZTkxYmFkN2JmNmMwNjMyYmEwMzFlYmQxIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 28 Nov 2023 11:07:05 GMT
Server: Apache
Location: https://package.dittugarments.com/public/
Content-Length: 249
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

package.dittugarments.com/

167.114.30.172

242 B

URL
package.dittugarments.com/
IP
167.114.30.172:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
242 B (242 bytes)
Hash
8d1dec226fd35a79a69d9c8e10003af1
86210c24de39c96221b85c67280cf71acd575430
a8a224037bc78ac1a670d36bd2d0aeff8e2fb7f1717d80210f7d1736cbbd9aad

HTTP Headers

GET / HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 28 Nov 2023 11:07:06 GMT
Server: Apache
Location: https://package.dittugarments.com/
Content-Length: 242
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

package.dittugarments.com/public/

167.114.30.172

544 B

URL
package.dittugarments.com/public/
IP
167.114.30.172:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
544 B (544 bytes)
Hash
a0a2220c19b7dc7ce0607bdfe44bb64a
c80568ca3c20da4131a0b4353cf4fdb995e4d0dc
5928c7c6ccbbe559436a0e1c06c65dd39299b058dd3fd728491ed80b89f05611

HTTP Headers

GET /public/ HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ijgrd1EwT1dSWmRPd3R4UTFNM2JPTVE9PSIsInZhbHVlIjoiNjA1NXdudlhDd3c2MzJYZUFScG54TE5HcmxSNFJRQis0NjdodE9KaTJYTEoxWlNWSzlEaEVGaTFzckl1c0VLWkpqN0Y0dUMxNlQvTHZpQ1U1cUp5S3JlZDlXSWJOakhwV3paMXJXQ3I0eXUrbkdpcGFqdXF3bWhMc0hpRkZZWkEiLCJtYWMiOiIwY2E3Yzk3Njc1YTNmMDgwZWZmNzQzY2YzYTVmZWE1NzViZjEzOGNiZDVlNzM3NjkxYmFhZTRjOTU5NzQ1ZjgwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IldDbEkrc0RsVUtDZTdGc1RQSS9ubnc9PSIsInZhbHVlIjoienFkSmJrR1NUWGFjaXp1ZDJvZm1XMlVoL0hQL2ZFbTVxcGpTVVdDdFhyOVhmQjJLcGd6ZWxBeU5STG14TjZtamY0TDhGdU9nZ3VlSkhiSThvaGV6cDRNaFRvSW9vQThyaWZMU2MydFM3bkx5SExjNDg4ZGVPandVNTc3emdBeEoiLCJtYWMiOiJlNjcyM2FlNWVhZTUwMjA1MTkxYjE1NWQ3Njk5MTAwZWRkMWVkNDM2ZTkxYmFkN2JmNmMwNjMyYmEwMzFlYmQxIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:07 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjFIeEYyQTRsTzRPR0QveE1pK1o3VEE9PSIsInZhbHVlIjoiSWNrNUFIWXhJK3hnZlRHRTBpQVVLQ2FoWTNuL1BWRTgvZlVRdXZsYzVmMW9JdFpLSGtDUFBpR1BBL28wWlhWUnh5YlBjNm1UaGR3ODNlcERObWIvWjVmdGxKTnJ4aG1qK1R3VGk2aXJ2S1Q3QWkrZ09kTitWWXp6Z0pmWjZwM0YiLCJtYWMiOiJlMzNiZmUyNjYyYjQxMDJhODc1MjhlMzhlNTFmYTRiY2I0NDFhYzg5M2RkMDdkODUwYzE0Zjg2YWRkZmJjM2Q4IiwidGFnIjoiIn0%3D; expires=Tue, 28-Nov-2023 13:07:07 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ilg0VGo1VnQ5VmRiN3BvT3pEVzVpRnc9PSIsInZhbHVlIjoidnFXQUJrL1lvTmpGa0crRzRNb01OTkZEWnZGV2NFMUpwRzYybjl5c2hRMGJkcXoyUmNLNmtGWEVaTjVObTVKSUZaTzUzWVhGT0ZXVjBqQ2hXbTMybjQxSWRnRDZTWlE5MXVUWFVYaDNHTDEyYmZObC9CcUN1YUtBTVVaY3Y0MFUiLCJtYWMiOiJiODcyNTQxNmVkNGYxMzJhZDVmODNhMGU1OTg2ZTZlYWU5ZGNhNWUxMmE1MjUwNzczOTkyZDFmOGRlN2NhYTJiIiwidGFnIjoiIn0%3D; expires=Tue, 28-Nov-2023 13:07:07 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js

151.101.1.229

404 Not Found

55 B

URL GET HTTP/3
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
2ccf42e1d8ce91dc28fc42053a58924f
66ec924f0d32dfb06bf0dda1133bd4b884b2d83d
51311bb7fe0896738e7bb28de627f8ad47495c61d8840e5921460123484560a5

HTTP Headers

GET /gh/killbot-org/Killbot-JS@latest/dist/main.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=600, s-maxage=600
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
etag: W/"38-ZuySTw0y37Br8N2hEzvUuISy2D0"
content-encoding: br
accept-ranges: bytes
date: Tue, 28 Nov 2023 11:07:07 GMT
age: 419
x-served-by: cache-fra-etou8220062-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 55
X-Firefox-Spdy: h2

package.dittugarments.com/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc/

167.114.30.172

301 Moved Permanently

281 B

URL User Request GET HTTP/1.1
package.dittugarments.com/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc/
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
281 B (281 bytes)
Hash
70cc95b9efb14cadc08a1e798c8c7a27
890fbca913b52149586055a196275d844c8aa286
87f1803df898bcbad08389bd21aed34dc5fbef8ac6741d71486c5db078905def

HTTP Headers

GET /SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc/ HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6IjFIeEYyQTRsTzRPR0QveE1pK1o3VEE9PSIsInZhbHVlIjoiSWNrNUFIWXhJK3hnZlRHRTBpQVVLQ2FoWTNuL1BWRTgvZlVRdXZsYzVmMW9JdFpLSGtDUFBpR1BBL28wWlhWUnh5YlBjNm1UaGR3ODNlcERObWIvWjVmdGxKTnJ4aG1qK1R3VGk2aXJ2S1Q3QWkrZ09kTitWWXp6Z0pmWjZwM0YiLCJtYWMiOiJlMzNiZmUyNjYyYjQxMDJhODc1MjhlMzhlNTFmYTRiY2I0NDFhYzg5M2RkMDdkODUwYzE0Zjg2YWRkZmJjM2Q4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilg0VGo1VnQ5VmRiN3BvT3pEVzVpRnc9PSIsInZhbHVlIjoidnFXQUJrL1lvTmpGa0crRzRNb01OTkZEWnZGV2NFMUpwRzYybjl5c2hRMGJkcXoyUmNLNmtGWEVaTjVObTVKSUZaTzUzWVhGT0ZXVjBqQ2hXbTMybjQxSWRnRDZTWlE5MXVUWFVYaDNHTDEyYmZObC9CcUN1YUtBTVVaY3Y0MFUiLCJtYWMiOiJiODcyNTQxNmVkNGYxMzJhZDVmODNhMGU1OTg2ZTZlYWU5ZGNhNWUxMmE1MjUwNzczOTkyZDFmOGRlN2NhYTJiIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 28 Nov 2023 11:07:07 GMT
Server: Apache
Location: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Content-Length: 281
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

package.dittugarments.com/

167.114.30.172

544 B

URL
package.dittugarments.com/
IP
167.114.30.172:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
544 B (544 bytes)
Hash
599d1cd7bc9f1f563943e699a83cf73a
bc58f932cd0a8b520adbcd2be3b99ee76c6d6189
d111d18352f6c8de67294c55a6965c0ff30d96ce4ad83a75bf7b63a616375905

HTTP Headers

GET / HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:08 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6Im5EeE1rajZkQUNtQWcvSEw2VjJVNkE9PSIsInZhbHVlIjoiTENJMDR6V3VKWGZIdnovVVJRemxNdFlZM1BXK054aUExRFFBaGxLdDFJTGRxaUFxaUtjdXNqNHhRUGpqM1h5NWdGNzhqd1VhWGg3UnJrSmQ5T1NiTEljd01DSjVldHhwMXNwdExDUjRsT0RjS3hkUXpmZmhFMm9haStpck9RTEMiLCJtYWMiOiIwYzYwYjc2ZjM3MzE5OTJiNTBlNTJlOGU4M2U1N2Q3Mjc4MzdlMDRkZmVkNTMyZjk5ZDM4MTNlNjJmYmZiNjhhIiwidGFnIjoiIn0%3D; expires=Tue, 28-Nov-2023 13:07:08 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InZDWU1nb1NZaXZtWnEzamllbEl3Snc9PSIsInZhbHVlIjoiK01hSjJCNC9FUFZCTnJralVGQS9WdklmdXEvQVBReDhuWXozZFhnazdzWlFxNVpLOXlsbWVGeFhhSzdOZERleUtLbHkzS0tlY1hKYk1YaFJVQTJ5WGxqZjNCWVZYUmpVb0FiM2FGbUdYNWdIZVJDbnJLMjhtTDZrLzc4ck82NnciLCJtYWMiOiI2MTQ2YzY2MTA0ZDY2YTIzYmY3NjMzNWVmMTMzNzQwZjU0ZjFkOTBkY2NlZThmY2VmYTBlOGMwZWYzYTU4YTBmIiwidGFnIjoiIn0%3D; expires=Tue, 28-Nov-2023 13:07:08 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js

151.101.1.229

404 Not Found

55 B

URL GET HTTP/3
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
2ccf42e1d8ce91dc28fc42053a58924f
66ec924f0d32dfb06bf0dda1133bd4b884b2d83d
51311bb7fe0896738e7bb28de627f8ad47495c61d8840e5921460123484560a5

HTTP Headers

GET /gh/killbot-org/Killbot-JS@latest/dist/main.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
content-length: 55
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=600, s-maxage=600
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
etag: W/"38-ZuySTw0y37Br8N2hEzvUuISy2D0"
content-encoding: br
accept-ranges: bytes
date: Tue, 28 Nov 2023 11:07:10 GMT
age: 421
x-served-by: cache-fra-etou8220062-FRA, cache-bma1676-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css

104.17.24.14

200 OK

17 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65317)
Size
17 kB (17041 bytes)
Hash
6386fb409d4a2abc96eee7be8f6d4cc4
09102cfc60efb430a25ee97cee9a6a35df6dfc59
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed

HTTP Headers

GET /ajax/libs/font-awesome/6.1.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://package.dittugarments.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 11:07:10 GMT
content-type: text/css; charset=utf-8
content-length: 17041
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "623a082a-4291"
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 384425
expires: Sun, 17 Nov 2024 11:07:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4Vo1%2Fu6pJwnvqd9IL%2BlEBKSfhMNENgtF%2F3IqNagFowbdj7dTU%2FMticgkQKeN151l3dkR%2BFpc9Mjn%2BuBUpR7s1wWIaCvjPtadIJhbUdwpxBkk2fXsda2%2BNDFk%2F59tCc%2FKAwxgF2u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d2254d7bdfb523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc

167.114.30.172

200 OK

22 kB

URL User Request GET HTTP/1.1
package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
22 kB (22341 bytes)
Hash
f77e3cfc7b6327bafe674177328999e9
26c208a65fdea0e4df59ea41e6ddd52e240f7a98
3a1947634c18b78fcfb75f550fcfe1856b6ac9394f56665c8167e18a1d161bd6

HTTP Headers

GET /public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://package.dittugarments.com/public/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjFIeEYyQTRsTzRPR0QveE1pK1o3VEE9PSIsInZhbHVlIjoiSWNrNUFIWXhJK3hnZlRHRTBpQVVLQ2FoWTNuL1BWRTgvZlVRdXZsYzVmMW9JdFpLSGtDUFBpR1BBL28wWlhWUnh5YlBjNm1UaGR3ODNlcERObWIvWjVmdGxKTnJ4aG1qK1R3VGk2aXJ2S1Q3QWkrZ09kTitWWXp6Z0pmWjZwM0YiLCJtYWMiOiJlMzNiZmUyNjYyYjQxMDJhODc1MjhlMzhlNTFmYTRiY2I0NDFhYzg5M2RkMDdkODUwYzE0Zjg2YWRkZmJjM2Q4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilg0VGo1VnQ5VmRiN3BvT3pEVzVpRnc9PSIsInZhbHVlIjoidnFXQUJrL1lvTmpGa0crRzRNb01OTkZEWnZGV2NFMUpwRzYybjl5c2hRMGJkcXoyUmNLNmtGWEVaTjVObTVKSUZaTzUzWVhGT0ZXVjBqQ2hXbTMybjQxSWRnRDZTWlE5MXVUWFVYaDNHTDEyYmZObC9CcUN1YUtBTVVaY3Y0MFUiLCJtYWMiOiJiODcyNTQxNmVkNGYxMzJhZDVmODNhMGU1OTg2ZTZlYWU5ZGNhNWUxMmE1MjUwNzczOTkyZDFmOGRlN2NhYTJiIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:10 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; expires=Tue, 28-Nov-2023 13:07:10 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D; expires=Tue, 28-Nov-2023 13:07:10 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/imask.min.js

104.17.24.14

200 OK

11 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/imask.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (45552)
Size
11 kB (10899 bytes)
Hash
79c82646b886e08184f7b9fff25e64ff
804b4b0f8f3443ff05833e33fb5b76780ffafe25
8b76b3502583edddf22df0b9c6ee640053a2cdfeaa113ceff3ea9b61d1f6410d

HTTP Headers

GET /ajax/libs/imask/3.4.0/imask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 11:07:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 10899
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e9f-b217"
last-modified: Mon, 04 May 2020 16:11:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 457297
expires: Sun, 17 Nov 2024 11:07:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srIulj%2BdqEbba7%2B6vJv5Y8HHVLNMA3v3tAnJqg%2BAjlkb3AK6iRIzqI9zC%2FuL9FsqHsUSqBtncElJD2GJMEo75Hnqr%2BibA3lXReZFVTbKUVJucQ9dP6aki%2FJSs2ifDye0J9K0JIbP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d2254e3d327129-OSL
alt-svc: h3=":443"; ma=86400

cdn.s-pass.org/SPASSDATA/media/cache/portail_vignette_xl/SPASSDATA/attachments/2022_02/17/114223-serencontrer-messages-solid.png

172.67.75.167

200 OK

5.0 kB

URL GET HTTP/2
cdn.s-pass.org/SPASSDATA/media/cache/portail_vignette_xl/SPASSDATA/attachments/2022_02/17/114223-serencontrer-messages-solid.png
IP
172.67.75.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerCloudflare, Inc.
Subjects-pass.org
Fingerprint66:7C:47:A7:D2:1D:EF:BF:C1:BB:CD:FD:25:D2:A3:44:EF:B6:EE:C9
ValidityThu, 07 Sep 2023 00:00:00 GMT - Fri, 06 Sep 2024 23:59:59 GMT

File type
PNG image data, 640 x 512, 8-bit colormap, non-interlaced\012- data
Size
5.0 kB (4984 bytes)
Hash
faa2a37bbdf6a4d7eb92f4df1396e1bc
b63e5a7323f771d2294a58b3251bb6036ae33fce
cff8856b01d09b6e68b3d6b75172ea259363b4268be55229a963e86edc77e627

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /SPASSDATA/media/cache/portail_vignette_xl/SPASSDATA/attachments/2022_02/17/114223-serencontrer-messages-solid.png HTTP/1.1
Host: cdn.s-pass.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 11:07:10 GMT
content-type: image/png
content-length: 4984
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1313415
etag: "620e522e-140a87"
last-modified: Thu, 17 Feb 2022 13:48:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 517837
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXg%2BrSenZYi0D73wLCSIZczf3v9s7tYK3kMs5rrGIQnXWfdJ1NknCasZkYpzjzrAafAfcLB1L4UiZfKlzggsG4VODzv%2FRSdroSfRoZGDiUYSfTbdw48SHbB9XdCuhNs7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d2254e7b9d0b55-OSL
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.12.4.min.js

151.101.194.137

200 OK

34 kB

URL GET HTTP/2
code.jquery.com/jquery-1.12.4.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32077)
Size
34 kB (33738 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /jquery-1.12.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-17b8b"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 28 Nov 2023 11:07:10 GMT
age: 6369024
x-served-by: cache-lga21956-LGA, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 232, 257909
x-timer: S1701169630.480419,VS0,VE0
vary: Accept-Encoding
content-length: 33738
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/js/all.min.js

104.17.24.14

200 OK

338 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/js/all.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65351)
Size
338 kB (338270 bytes)
Hash
61008443488f4e7f60d5a5055483187e
b56375acc5e062f79280440459d0d7b0f10a290b
1d3f596f76f53d53ef7cb1ffeffd6f791b54bd639b42e4f23e7f2d7b36f91c48

HTTP Headers

GET /ajax/libs/font-awesome/5.8.1/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://package.dittugarments.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 11:07:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 338270
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-1125c9"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1790351
expires: Sun, 17 Nov 2024 11:07:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKGrs1HVey3MPSwvE71e6RO7NRc2PuY31hNMbJpqxv9YWtVTIrx2XnRePUTx%2BrgnOTu27aaOOVWHsPKBpV1gq03X%2FtXRGfdBiTdL4gH5ixkSfznTaoZhjpMBdeqNvFgGGGtEDmkw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d2254e7d627129-OSL
alt-svc: h3=":443"; ma=86400

package.dittugarments.com/public/dinzab/font-awesome.min.css

167.114.30.172

200 OK

31 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/font-awesome.min.css
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/font-awesome.min.css HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:10 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

package.dittugarments.com/public/dinzab/newcc.css

167.114.30.172

200 OK

5.2 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/newcc.css
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
ASCII text
Size
5.2 kB (5211 bytes)
Hash
a8802c7108e75bd512824b11af10a5e7
0af53e81447c67be4d787fea0f6ef8c82008e4ea
6c37a32274d58b55fc113546582236826b279eb6d667ecbf86e73823713da4f9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/newcc.css HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:10 GMT
Server: Apache
Last-Modified: Thu, 02 Jun 2022 12:41:52 GMT
Accept-Ranges: bytes
Content-Length: 5211
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

package.dittugarments.com/public/dinzab/card.js

167.114.30.172

200 OK

59 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/card.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text, with very long lines (51786)
Size
59 kB (58666 bytes)
Hash
30e93a747ba8285615cfbc3643dc1a62
3a55f9d6ac708f519d351ea0b69083457778ec9d
18c4b9b4c27233b541a47300a4ee98239e1f8dec4bbcd9fabb6bdad12ca82025

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/card.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:10 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 58666
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

package.dittugarments.com/public/dinzab/intlTelInput.css

167.114.30.172

200 OK

25 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/intlTelInput.css
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
ASCII text
Size
25 kB (24631 bytes)
Hash
bd1fe63547e380ddfdd79c4cea97cc1e
d5546e0d88b001b6ceb1a06fbf6a47e31214e9de
51198a6581f3fdd8b035268f775b1a6f519ee61b3e2a22da4a6fe2b2647b145b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/intlTelInput.css HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:10 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 24631
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

package.dittugarments.com/public/dinzab/mine.js

167.114.30.172

200 OK

1.6 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/mine.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text
Size
1.6 kB (1604 bytes)
Hash
f11ee1ccf373dd137b7ad18e4ee2f69e
26baf7db3e340be99ece82b37d294b80c373fd12
71b8a934f8936288d42fe9fd426ff18cbc1fe54070617fd62420025da56b662e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/mine.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:10 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 08:48:22 GMT
Accept-Ranges: bytes
Content-Length: 1604
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

package.dittugarments.com/public/dinzab/intlTelInput.js

167.114.30.172

200 OK

89 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/intlTelInput.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text, with very long lines (9885)
Size
89 kB (89336 bytes)
Hash
9146aa46d1f409004183b86f202c4607
717a6d53527fe31ec1c4eef9022b06e5d4d6f6a5
b188900aaff98a87fc69519ab04437aa735708b4b92f2adcab6937d2a1d42e37

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/intlTelInput.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:10 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 89336
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

package.dittugarments.com/public/dinzab/data.js

167.114.30.172

200 OK

12 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/data.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text, with very long lines (9881)
Size
12 kB (12100 bytes)
Hash
a2b78e86240966cda00a463614e4f3dd
a2606f30f77bb9f235746059db16b0ee8b585c31
55e47db856701715f613de8674bd0c67604cc304514b791bed402866d18c8557

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/data.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:10 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 12100
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

package.dittugarments.com/public/dinzab/countrySelect.js

167.114.30.172

200 OK

37 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/countrySelect.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text, with very long lines (347)
Size
37 kB (36634 bytes)
Hash
ee3d5d4880b5dac09d9ca3c23cdd28da
f95728f89723a079442d67ed6aa38abf8ecab4fd
657baddf2724ae4570fa40c00dddefa3379b5709ac06ceb536f6177a1bfc394f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/countrySelect.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:10 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 36634
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

package.dittugarments.com/public/dinzab/app.js

167.114.30.172

200 OK

920 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/app.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text, with very long lines (7706), with CRLF line terminators
Size
920 kB (920095 bytes)
Hash
508afd6ff9ab52ce8f480d35568038d1
b5d9891100e0dce59cee59b75a098a1ae64c779b
8af18273c1833477cf810c4e3a76f483b6a6064571d25ea7742d8708378c8f09

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/app.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:10 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 920095
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

package.dittugarments.com/public/dinzab/app.css

167.114.30.172

200 OK

914 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/app.css
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
assembler source, ASCII text
Size
914 kB (913520 bytes)
Hash
74d0401d2b753a90be1d872aaa6e94b4
386f08a79bdc853e8a81585efcfc35ca90a49687
0762226aa4722b7c5349c825388089b0e3f8cdde6dd5dbb5f002d4fb014f568f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/app.css HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:10 GMT
Server: Apache
Last-Modified: Thu, 02 Jun 2022 17:04:20 GMT
Accept-Ranges: bytes
Content-Length: 913520
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js

151.101.1.229

404 Not Found

55 B

URL GET HTTP/3
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
2ccf42e1d8ce91dc28fc42053a58924f
66ec924f0d32dfb06bf0dda1133bd4b884b2d83d
51311bb7fe0896738e7bb28de627f8ad47495c61d8840e5921460123484560a5

HTTP Headers

GET /gh/killbot-org/Killbot-JS@latest/dist/main.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
content-length: 55
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=600, s-maxage=600
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
etag: W/"38-ZuySTw0y37Br8N2hEzvUuISy2D0"
content-encoding: br
accept-ranges: bytes
date: Tue, 28 Nov 2023 11:07:11 GMT
age: 422
x-served-by: cache-fra-etou8220062-FRA, cache-bma1676-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

package.dittugarments.com/public/dinzab/logo.png

167.114.30.172

200 OK

2.0 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/logo.png
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (1998 bytes)
Hash
5d14ab93691604e826e1319d53599eb9
78724360e9d25da584445b851e37bca05abe6b85
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/logo.png HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:11 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 1998
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

code.jquery.com/jquery-1.12.4.min.js

151.101.194.137

200 OK

34 kB

URL GET HTTP/2
code.jquery.com/jquery-1.12.4.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32077)
Size
34 kB (33738 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /jquery-1.12.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-17b8b"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 28 Nov 2023 11:07:11 GMT
age: 6369025
x-served-by: cache-lga21956-LGA, cache-bma1665-BMA
x-cache: HIT, HIT
x-cache-hits: 232, 257910
x-timer: S1701169632.758848,VS0,VE0
vary: Accept-Encoding
content-length: 33738
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/imask.min.js

104.17.24.14

200 OK

11 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/imask.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (45552)
Size
11 kB (10899 bytes)
Hash
79c82646b886e08184f7b9fff25e64ff
804b4b0f8f3443ff05833e33fb5b76780ffafe25
8b76b3502583edddf22df0b9c6ee640053a2cdfeaa113ceff3ea9b61d1f6410d

HTTP Headers

GET /ajax/libs/imask/3.4.0/imask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 11:07:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 10899
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e9f-b217"
last-modified: Mon, 04 May 2020 16:11:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 457298
expires: Sun, 17 Nov 2024 11:07:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7sN1tibY5yMyQE9TE86LYrAF6gEgKkcKw5px7jKanFocHG6XtVMOuPq4ez9MSBAQvYeNVNFOcsWlmJKE3nV1Jk2Hpe39w2nDJaGJxd6Pcepp5DseaGwaB0pDOuKGTLwqeWC75df"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d22556edc17129-OSL
alt-svc: h3=":443"; ma=86400

package.dittugarments.com/public/dinzab/app.js

167.114.30.172

200 OK

920 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/app.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text, with very long lines (7706), with CRLF line terminators
Size
920 kB (920095 bytes)
Hash
508afd6ff9ab52ce8f480d35568038d1
b5d9891100e0dce59cee59b75a098a1ae64c779b
8af18273c1833477cf810c4e3a76f483b6a6064571d25ea7742d8708378c8f09

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/app.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:11 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 920095
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

package.dittugarments.com/public/dinzab/data.js

167.114.30.172

200 OK

12 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/data.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text, with very long lines (9881)
Size
12 kB (12100 bytes)
Hash
a2b78e86240966cda00a463614e4f3dd
a2606f30f77bb9f235746059db16b0ee8b585c31
55e47db856701715f613de8674bd0c67604cc304514b791bed402866d18c8557

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/data.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:12 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 12100
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

package.dittugarments.com/public/dinzab/card.js

167.114.30.172

200 OK

59 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/card.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text, with very long lines (51786)
Size
59 kB (58666 bytes)
Hash
30e93a747ba8285615cfbc3643dc1a62
3a55f9d6ac708f519d351ea0b69083457778ec9d
18c4b9b4c27233b541a47300a4ee98239e1f8dec4bbcd9fabb6bdad12ca82025

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/card.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:12 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 58666
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

package.dittugarments.com/public/dinzab/mine.js

167.114.30.172

200 OK

1.6 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/mine.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text
Size
1.6 kB (1604 bytes)
Hash
f11ee1ccf373dd137b7ad18e4ee2f69e
26baf7db3e340be99ece82b37d294b80c373fd12
71b8a934f8936288d42fe9fd426ff18cbc1fe54070617fd62420025da56b662e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/mine.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:12 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 08:48:22 GMT
Accept-Ranges: bytes
Content-Length: 1604
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/js/all.min.js

104.17.24.14

200 OK

338 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/js/all.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65351)
Size
338 kB (338270 bytes)
Hash
61008443488f4e7f60d5a5055483187e
b56375acc5e062f79280440459d0d7b0f10a290b
1d3f596f76f53d53ef7cb1ffeffd6f791b54bd639b42e4f23e7f2d7b36f91c48

HTTP Headers

GET /ajax/libs/font-awesome/5.8.1/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://package.dittugarments.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 11:07:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 338270
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-1125c9"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1790353
expires: Sun, 17 Nov 2024 11:07:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5qhw%2BiDQpZVZStvBBQwvX5YS3bPRrpob7aGGpbIcLZhnLPYRmGlJoEVkVgZpJe%2Fntl2bY9E4ebuYMWWAlg%2BdslQvAQLxOkQ51WKNDkhZ9ByuT9oMetzsH1adjzpPkA4Hy5AFEbq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d2255dac167129-OSL
alt-svc: h3=":443"; ma=86400

package.dittugarments.com/public/dinzab/intlTelInput.js

167.114.30.172

200 OK

89 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/intlTelInput.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text, with very long lines (9885)
Size
89 kB (89336 bytes)
Hash
9146aa46d1f409004183b86f202c4607
717a6d53527fe31ec1c4eef9022b06e5d4d6f6a5
b188900aaff98a87fc69519ab04437aa735708b4b92f2adcab6937d2a1d42e37

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/intlTelInput.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:13 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 89336
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

package.dittugarments.com/public/dinzab/countrySelect.js

167.114.30.172

200 OK

37 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/countrySelect.js
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
Unicode text, UTF-8 text, with very long lines (347)
Size
37 kB (36634 bytes)
Hash
ee3d5d4880b5dac09d9ca3c23cdd28da
f95728f89723a079442d67ed6aa38abf8ecab4fd
657baddf2724ae4570fa40c00dddefa3379b5709ac06ceb536f6177a1bfc394f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/countrySelect.js HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:13 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 36634
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

package.dittugarments.com/public/dinzab/flagscountry.png

167.114.30.172

200 OK

66 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/flagscountry.png
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
PNG image data, 5630 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
66 kB (65960 bytes)
Hash
ae33acae404631e997ef8d91dae08ccd
19fae9a6aa4bb419eba378b0d0573906dc1be38a
38025784bedeb5e4cae496b131c85cabbd95ae0b1c0a3c9d9cb474d7262db04b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/flagscountry.png HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:13 GMT
Server: Apache
Last-Modified: Wed, 22 Sep 2021 16:06:48 GMT
Accept-Ranges: bytes
Content-Length: 65960
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

package.dittugarments.com/public/dinzab/favicon.gif

167.114.30.172

200 OK

2.2 kB

URL GET HTTP/1.1
package.dittugarments.com/public/dinzab/favicon.gif
IP
167.114.30.172:443
ASN
#16276 OVH SAS

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectwww.parcel.dittugarments.com
Fingerprint47:76:07:51:B1:1D:92:BF:78:40:6A:2E:8E:28:9C:87:F7:89:13:56
ValidityMon, 20 Nov 2023 20:23:20 GMT - Sun, 18 Feb 2024 20:23:19 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Size
2.2 kB (2238 bytes)
Hash
a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /public/dinzab/favicon.gif HTTP/1.1
Host: package.dittugarments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Cookie: XSRF-TOKEN=eyJpdiI6Ik8vR2FKSWJIZVpIT25qWUtkSHNmUUE9PSIsInZhbHVlIjoiRFNyOE1XVHUxS2Q2L2lCa3FlMWNkRXNwOENoNDZUMUgyTnpmNXRyVlFmQ2JvbUxkQnRhdWlBWWZxdHZvaTVWK1hFZ1RnUmNZT2hVbzEyVUNxd003UnFIaGQ3WnVVNnhzMFZ0cVo3VVMzRDUwM09RWDFDdmhidm1mQ054TnhKK3ciLCJtYWMiOiI0NWU0YTZmYTZmNDM0NDk0ODNjYjU1YmNlZWNjYTQ2NGU2Y2M0YzBhNjM5MDAzMzhiYjRjZjJkMzVkYzk1YjdmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5YSmtkVzdDUGhxNTQzUFN5dEM1WGc9PSIsInZhbHVlIjoia1VqWjlwTGFFR1pKSUYwcFFFVUh2OWMrU0dCbC9xRmxDYjZlQ2sxam4zem9uYjdSVnluVGRHSTdhT215d2VKSCtoVnZPTkF1OFVxOTBLeTNMYnk5cXZ0K1ZpTVRhQWMxdDhUdFExNG1POXRkQ3pNQnhmRFd5K29KWk9jV2EwME4iLCJtYWMiOiI0Y2M2ZWNhNzQ3Y2I4ODIwNzVlMTcwYTQyODUxMTdlNTIxMGZiYTg1MDMwMjNlNDZkODc5YWMzZjA2YThmZjNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 11:07:13 GMT
Server: Apache
Last-Modified: Tue, 31 May 2022 07:05:50 GMT
Accept-Ranges: bytes
Content-Length: 2238
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/gif

ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false

35.171.236.208

0 B

URL
ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
IP
35.171.236.208:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://package.dittugarments.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dgZRNqEZE0RNmeXdOKABNw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 28 Nov 2023 11:07:14 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sRayD4oSFO0oN2d/eJ5tg44cWD8=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover

ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false

52.7.148.151

0 B

URL
ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
IP
52.7.148.151:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://package.dittugarments.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fI3kZgba2O7jBRW1b/mXxg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 28 Nov 2023 11:07:14 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9hoJM0gBiD34pY0FvOquE4DhsWE=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover

sockjs-mt1.pusher.com/pusher/app/bc5ba70500b3342fb1aa/481/h14o25uv/xhr_streaming?protocol=7&client=js&version=7.0.3&t=1701169639333&n=1

44.217.82.191

204 No Content

0 B

URL OPTIONS HTTP/2
sockjs-mt1.pusher.com/pusher/app/bc5ba70500b3342fb1aa/481/h14o25uv/xhr_streaming?protocol=7&client=js&version=7.0.3&t=1701169639333&n=1
IP
44.217.82.191:443
ASN
#14618 AMAZON-AES

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectsockjs-mt1.pusher.com
Fingerprint0D:D2:31:02:FF:57:E9:AF:23:47:25:1D:B7:1C:66:F3:1A:4E:DA:5C
ValiditySun, 12 Nov 2023 01:30:52 GMT - Sat, 10 Feb 2024 01:30:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /pusher/app/bc5ba70500b3342fb1aa/481/h14o25uv/xhr_streaming?protocol=7&client=js&version=7.0.3&t=1701169639333&n=1 HTTP/1.1
Host: sockjs-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://package.dittugarments.com/
Origin: https://package.dittugarments.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-origin: https://package.dittugarments.com
vary: Origin
access-control-allow-headers: content-type
access-control-allow-credentials: true
cache-control: public, max-age=31536000
expires: Wed, 27 Nov 2024 11:07:15 GMT
access-control-allow-methods: OPTIONS, POST
access-control-max-age: 31536000
date: Tue, 28 Nov 2023 11:07:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

sockjs-mt1.pusher.com/pusher/app/bc5ba70500b3342fb1aa/783/90qbk7sm/xhr_streaming?protocol=7&client=js&version=7.0.3&t=1701169639344&n=1

44.217.82.191

0 B

URL POST
sockjs-mt1.pusher.com/pusher/app/bc5ba70500b3342fb1aa/783/90qbk7sm/xhr_streaming?protocol=7&client=js&version=7.0.3&t=1701169639344&n=1
IP
44.217.82.191:0
ASN
#14618 AMAZON-AES

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectsockjs-mt1.pusher.com
Fingerprint0D:D2:31:02:FF:57:E9:AF:23:47:25:1D:B7:1C:66:F3:1A:4E:DA:5C
ValiditySun, 12 Nov 2023 01:30:52 GMT - Sat, 10 Feb 2024 01:30:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /pusher/app/bc5ba70500b3342fb1aa/783/90qbk7sm/xhr_streaming?protocol=7&client=js&version=7.0.3&t=1701169639344&n=1 HTTP/1.1
Host: sockjs-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://package.dittugarments.com/
Origin: https://package.dittugarments.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-origin: https://package.dittugarments.com
vary: Origin
access-control-allow-headers: content-type
access-control-allow-credentials: true
cache-control: public, max-age=31536000
expires: Wed, 27 Nov 2024 11:07:15 GMT
access-control-allow-methods: OPTIONS, POST
access-control-max-age: 31536000
date: Tue, 28 Nov 2023 11:07:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Raleway|Rock+Salt|Source+Code+Pro:300,400,600

142.250.74.106

200 OK

9.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Raleway|Rock+Salt|Source+Code+Pro:300,400,600
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (9264), with no line terminators
Size
9.0 kB (9048 bytes)
Hash
3a28ee17cf6392c31edb349ab60d2a22
615c29fd9e9d5b5363092aa2fa2894183114d32d
3a3e7ac57b9005210c74a4643889c4fa39d4a384599f9dd7fc16053db74a2070

HTTP Headers

GET /css?family=Raleway|Rock+Salt|Source+Code+Pro:300,400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 11:07:10 GMT
date: Tue, 28 Nov 2023 11:07:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false

52.7.148.151

101 Switching Protocols

0 B

URL GET HTTP/1.1
ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
IP
52.7.148.151:443
ASN
#14618 AMAZON-AES

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerAmazon
Subjectpusher.com
Fingerprint7F:21:03:8F:D0:81:ED:06:33:D6:8D:83:17:DA:79:19:72:2E:BF:39
ValiditySun, 25 Jun 2023 00:00:00 GMT - Wed, 24 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://package.dittugarments.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fI3kZgba2O7jBRW1b/mXxg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 28 Nov 2023 11:07:14 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9hoJM0gBiD34pY0FvOquE4DhsWE=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover

dispatching-centre.lasamericascargo.com/images/foo.png

0.0.0.0

0 B

URL GET
dispatching-centre.lasamericascargo.com/images/foo.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/foo.png HTTP/1.1
Host: dispatching-centre.lasamericascargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.lr-in.com/logger-1.min.js

104.21.234.145

200 OK

846 kB

URL GET HTTP/2
cdn.lr-in.com/logger-1.min.js
IP
104.21.234.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerLet's Encrypt
Subjectlr-in.com
Fingerprint06:C7:A4:83:83:3B:72:D9:6B:66:09:15:2F:3A:52:FD:1F:E4:05:24
ValiditySun, 12 Nov 2023 13:20:34 GMT - Sat, 10 Feb 2024 13:20:33 GMT

File type

Size
846 kB (846383 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://package.dittugarments.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 11:07:10 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"144e31d412eb3631137b19d8a243c4f17078d26bec60aeb31b99d8e42a152fe5"
last-modified: Mon, 27 Nov 2023 22:59:09 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-bma1631-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1701126119.971843,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 56
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PjzIjuBKN7DC9Exw9qxwOTr9C9UeyqXl08nXd6pgToHm1ZxZTAR7gfq89COvu6IcR1ndyH3tj8ZN7PLzDSfw8XEVCBbTT%2B4FlVWjTM%2Fupri3VgBiQkZfK4%2BZkvBH060"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2254dc81cb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false

35.171.236.208

101 Switching Protocols

0 B

URL GET HTTP/1.1
ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
IP
35.171.236.208:443
ASN
#14618 AMAZON-AES

Requested by
https://package.dittugarments.com/public/SR3RZcWIZjdZS55oRUdSR0O70ZhF1ZUc
Certificate
IssuerAmazon
Subjectpusher.com
Fingerprint7F:21:03:8F:D0:81:ED:06:33:D6:8D:83:17:DA:79:19:72:2E:BF:39
ValiditySun, 25 Jun 2023 00:00:00 GMT - Wed, 24 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://package.dittugarments.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dgZRNqEZE0RNmeXdOKABNw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 28 Nov 2023 11:07:14 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sRayD4oSFO0oN2d/eJ5tg44cWD8=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by