| couriernote-001-site1.jtempurl.com/bbuDKiwXUCwESbMdNEc1taAkl1CI | 45.58.159.112 | | 210 B |
URL couriernote-001-site1.jtempurl.com/bbuDKiwXUCwESbMdNEc1taAkl1CI IP45.58.159.112:0
File typeHTML document, ASCII text Hash31b6183945b23f3237cea6acdcb91853 483ea3ac6b6491cee1fde0bddeae208a8f147e95 4a59ea7a803e2c7de336103d84f319efbb0c900f1a65dad4aa826db264640f62
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /bbuDKiwXUCwESbMdNEc1taAkl1CI HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Location: http://couriernote-001-site1.jtempurl.com
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImlwVVo3OThqaTJDUE9TZXdCSVhtWWc9PSIsInZhbHVlIjoidzY5T0s0R2l0TnlBZWU1Mmx5aVNIM09KVUp2NmVXM1E0aEp6RTZFUmV6Ykw3QzVmcktQaXB4MVEydVpheHhraWJCZGJ0T1Z0NUtJMm5ybkdHaDVEclBESTFmVTd6cVhuSFZUdW45WHJSS1hmbGN6UURseXhwa3psL1FQQkRkY20iLCJtYWMiOiIwZmU3ZjU0OTFiMTRlZjUwMjFiNmRjYzQ1ZTc1YTlmOTM3NDc3ZWE1NDNmZTQ2NTQyNGI4YTdhNjMwMTgxY2RiIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 06:35:34 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ik5Xdk11amFxazI5NC82WnhoY0ZnNHc9PSIsInZhbHVlIjoiSld3ZXg0alV4SkNWZmVReVAvcUZDZ004VHJvamdCVm1UcDBaMCtodXdGVzRLREY4VDBzL21GWGFIK2dSZzJhUjhCSVpVblh3TnpTb052TlNrbGlwaWhFOWNwSkEzWHdWR210SzcxdnBlaGVIMDZwQitubklmY2IyLzhiVTk0MnEiLCJtYWMiOiI5YTU1NTgxOTA1MWE2ZWE4YmYyYmFmODhhNDY3MzRjNjBhOTYxNDNiNmQxN2YyNTI0ODlhMGJmZjk2MmU2ZjliIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 06:35:34 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:34 GMT
Content-Length: 210
|
|
| couriernote-001-site1.jtempurl.com/ | 45.58.159.112 | | 345 B |
URL couriernote-001-site1.jtempurl.com/ IP45.58.159.112:0
File typeHTML document, ASCII text Hashf62efbe7f46eea28b825d99b6279f85e 5e01937dcd2667697fb9aed5a3a29f85e58cc90c c32f9d377dae01d8d8b88d1ce75b7d0cba3edad6706b0b9721f70fe28adb35b7
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET / HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImlwVVo3OThqaTJDUE9TZXdCSVhtWWc9PSIsInZhbHVlIjoidzY5T0s0R2l0TnlBZWU1Mmx5aVNIM09KVUp2NmVXM1E0aEp6RTZFUmV6Ykw3QzVmcktQaXB4MVEydVpheHhraWJCZGJ0T1Z0NUtJMm5ybkdHaDVEclBESTFmVTd6cVhuSFZUdW45WHJSS1hmbGN6UURseXhwa3psL1FQQkRkY20iLCJtYWMiOiIwZmU3ZjU0OTFiMTRlZjUwMjFiNmRjYzQ1ZTc1YTlmOTM3NDc3ZWE1NDNmZTQ2NTQyNGI4YTdhNjMwMTgxY2RiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5Xdk11amFxazI5NC82WnhoY0ZnNHc9PSIsInZhbHVlIjoiSld3ZXg0alV4SkNWZmVReVAvcUZDZ004VHJvamdCVm1UcDBaMCtodXdGVzRLREY4VDBzL21GWGFIK2dSZzJhUjhCSVpVblh3TnpTb052TlNrbGlwaWhFOWNwSkEzWHdWR210SzcxdnBlaGVIMDZwQitubklmY2IyLzhiVTk0MnEiLCJtYWMiOiI5YTU1NTgxOTA1MWE2ZWE4YmYyYmFmODhhNDY3MzRjNjBhOTYxNDNiNmQxN2YyNTI0ODlhMGJmZjk2MmU2ZjliIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjZ2Y204OVdLQjN3L2VodklVajZTQWc9PSIsInZhbHVlIjoieXBhTnc5ZExJelR1ZFhjTEtNT0tseU8vZm9NMDlNNTFwWHoyQVlFZUJxNWV4aW5GTmZpME54dWlwOFljUVcrelRGRGxOdlJyUmJ2SXRrL1JvVTNJVStzV3FFdml0TnFtVGZBVWovWlp3aWYwRndTT2x3dDJ6NWgvWkw0enZPQWYiLCJtYWMiOiIwMDkxNzY4Yzg4MmQ0NWM1MjhiN2RmNmZjYjI0YjcyNWE5Y2VlMDkxNDMxNmY5MTMxYmI5YTUzZGNkMGQ5YjkxIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 06:35:35 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InRuVFBWREQ2N3dtSVc5NEV2b2xTVGc9PSIsInZhbHVlIjoiVElIeFhrVU1oVHFrRmd6UVZqdFV6UTkzb2NnbCtUa3U2SklaWlZmV3Erclo1Umg2dmRpanllSElod2lSeFhvUy9BSkdtdmVJaVErSXpZNlZEZE5tSy9mRkt2TFdCektRVFdkMUZheEdHU2lPQzAvL0dnbGx0ZjNCNGFtWElPRk0iLCJtYWMiOiIxZmY3ZjBkMmJhMmMzZTFiMjFlZjYxYjkzNjI3Njg2NTMxMTRiMGZiNTI1YTdhMDA2MWZjZDJlMTA5NDYwNjFhIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 06:35:35 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:35 GMT
Content-Length: 345
|
|
| couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp/ | 45.58.159.112 | | 284 B |
URL User Request GET couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp/ IP45.58.159.112:0
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash800ebf1727157595e5063fd3284e44be de8cd5c1a50cef509e6b4b6d6ab387686215b9e5 5433c93e9d9e3489d4ff28354ef9714fa3b31a63ed62313fe0811987782a2657
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp/ HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://couriernote-001-site1.jtempurl.com/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjZ2Y204OVdLQjN3L2VodklVajZTQWc9PSIsInZhbHVlIjoieXBhTnc5ZExJelR1ZFhjTEtNT0tseU8vZm9NMDlNNTFwWHoyQVlFZUJxNWV4aW5GTmZpME54dWlwOFljUVcrelRGRGxOdlJyUmJ2SXRrL1JvVTNJVStzV3FFdml0TnFtVGZBVWovWlp3aWYwRndTT2x3dDJ6NWgvWkw0enZPQWYiLCJtYWMiOiIwMDkxNzY4Yzg4MmQ0NWM1MjhiN2RmNmZjYjI0YjcyNWE5Y2VlMDkxNDMxNmY5MTMxYmI5YTUzZGNkMGQ5YjkxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InRuVFBWREQ2N3dtSVc5NEV2b2xTVGc9PSIsInZhbHVlIjoiVElIeFhrVU1oVHFrRmd6UVZqdFV6UTkzb2NnbCtUa3U2SklaWlZmV3Erclo1Umg2dmRpanllSElod2lSeFhvUy9BSkdtdmVJaVErSXpZNlZEZE5tSy9mRkt2TFdCektRVFdkMUZheEdHU2lPQzAvL0dnbGx0ZjNCNGFtWElPRk0iLCJtYWMiOiIxZmY3ZjBkMmJhMmMzZTFiMjFlZjYxYjkzNjI3Njg2NTMxMTRiMGZiNTI1YTdhMDA2MWZjZDJlMTA5NDYwNjFhIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Length: 284
Content-Type: text/html
Location: http://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 17 Apr 2024 04:35:35 GMT
|
|
| couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp | 45.58.159.112 | | 15 kB |
URL User Request GET couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp IP45.58.159.112:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (39884) Hash335c6ad27bdf9b1c2aba1b5c44734e2d 39a4a770f4024be9d01ee3976ef2424a18622d18 13c7b6c61a2f1c7e3950aa0f5357ccf75ed7340c23fd222bdd350cf5eb423961
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://couriernote-001-site1.jtempurl.com/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjZ2Y204OVdLQjN3L2VodklVajZTQWc9PSIsInZhbHVlIjoieXBhTnc5ZExJelR1ZFhjTEtNT0tseU8vZm9NMDlNNTFwWHoyQVlFZUJxNWV4aW5GTmZpME54dWlwOFljUVcrelRGRGxOdlJyUmJ2SXRrL1JvVTNJVStzV3FFdml0TnFtVGZBVWovWlp3aWYwRndTT2x3dDJ6NWgvWkw0enZPQWYiLCJtYWMiOiIwMDkxNzY4Yzg4MmQ0NWM1MjhiN2RmNmZjYjI0YjcyNWE5Y2VlMDkxNDMxNmY5MTMxYmI5YTUzZGNkMGQ5YjkxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InRuVFBWREQ2N3dtSVc5NEV2b2xTVGc9PSIsInZhbHVlIjoiVElIeFhrVU1oVHFrRmd6UVZqdFV6UTkzb2NnbCtUa3U2SklaWlZmV3Erclo1Umg2dmRpanllSElod2lSeFhvUy9BSkdtdmVJaVErSXpZNlZEZE5tSy9mRkt2TFdCektRVFdkMUZheEdHU2lPQzAvL0dnbGx0ZjNCNGFtWElPRk0iLCJtYWMiOiIxZmY3ZjBkMmJhMmMzZTFiMjFlZjYxYjkzNjI3Njg2NTMxMTRiMGZiNTI1YTdhMDA2MWZjZDJlMTA5NDYwNjFhIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 06:35:37 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 06:35:37 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:36 GMT
Content-Length: 14640
|
|
| couriernote-001-site1.jtempurl.com/css/app.css | 45.58.159.112 | 200 OK | 56 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/css/app.css IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Hash181990cc2279e4cea65c9363fb37fee9 b85a7ba40043b0c48a034d8382629ef7ec6a1e24 36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /css/app.css HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 29 Mar 2022 20:11:08 GMT
Accept-Ranges: bytes
ETag: "0566d20a943d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 17 Apr 2024 04:35:36 GMT
Content-Length: 55863
|
|
| couriernote-001-site1.jtempurl.com/js/session-recorder.js | 45.58.159.112 | 200 OK | 11 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/js/session-recorder.js IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeJavaScript source, ASCII text, with very long lines (44992) Hash701984b4995f3c29820e83c999b7eb23 a3b50104a3bfa05bf59a317273816c7d8ae1f81d 67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /js/session-recorder.js HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 29 Mar 2022 19:35:56 GMT
Accept-Ranges: bytes
ETag: "0b69335a443d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 17 Apr 2024 04:35:36 GMT
Content-Length: 11151
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.25.14 | 200 OK | 5.6 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css IP104.17.25.14:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:35:37 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 129929
expires: Mon, 07 Apr 2025 04:35:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FRyXa8ZTNXYi4chzV4VZ9FE5OtvIzXzl9kV2jQoW39U%2FbX%2FiDKTuzOG4QqTC8fdCNqoniwtIsj92%2FUC%2FSSevznlefdwdiLpy6te42vI2iMQsdKTE%2FKVaqbSRpg8wtB5ZrrbCDXu%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8759b59f0a388f57-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| couriernote-001-site1.jtempurl.com/js/app.js | 45.58.159.112 | 200 OK | 201 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/js/app.js IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeJavaScript source, Unicode text, UTF-8 text Size201 kB (201031 bytes) Hashfd900f643203761f2eeca2132fc15f1d 375f23ca9ad75b647373bda03b02e2d0f6e729be 399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /js/app.js HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 29 Mar 2022 19:35:56 GMT
Accept-Ranges: bytes
ETag: "0b69335a443d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 17 Apr 2024 04:35:36 GMT
Content-Length: 201031
|
|
| couriernote-001-site1.jtempurl.com/images/logo.png | 45.58.159.112 | 200 OK | 2.0 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/images/logo.png IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typePNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced Hash5d14ab93691604e826e1319d53599eb9 78724360e9d25da584445b851e37bca05abe6b85 3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /images/logo.png HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: image/png
Last-Modified: Sun, 17 Apr 2022 13:24:00 GMT
Accept-Ranges: bytes
ETag: "098d665e52d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 17 Apr 2024 04:35:36 GMT
Content-Length: 1998
|
|
| couriernote-001-site1.jtempurl.com/images/all.png | 45.58.159.112 | 200 OK | 12 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/images/all.png IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typePNG image data, 123 x 84, 8-bit/color RGBA, non-interlaced Hash2cb0b7f615faf2deb9ec6f53d3149a3b 694a2c881c83e2ab86365bf1d16302ac5b9d500f c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /images/all.png HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: image/png
Last-Modified: Sun, 17 Apr 2022 13:24:34 GMT
Accept-Ranges: bytes
ETag: "095517a5e52d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 17 Apr 2024 04:35:36 GMT
Content-Length: 12499
|
|
| couriernote-001-site1.jtempurl.com/images/foo.png | 45.58.159.112 | 404 Not Found | 2.1 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/images/foo.png IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /images/foo.png HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:36 GMT
Content-Length: 2123
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:37 GMT
Content-Length: 6609
|
|
| cdn.lr-in.com/logger-1.min.js | 104.21.234.145 | 200 OK | 173 kB |
URL GET HTTP/2cdn.lr-in.com/logger-1.min.js IP104.21.234.145:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerLet's Encrypt Subjectlr-in.com Fingerprint9C:36:E8:C7:3B:FC:3A:32:F6:4B:7E:92:80:E3:9C:F6:8E:D3:5C:9A ValiditySat, 09 Mar 2024 13:34:25 GMT - Fri, 07 Jun 2024 13:34:24 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size173 kB (172703 bytes) Hash355fe0562edfd6205ef894f08502772b d7defde805c10c9e744951b8c24013bb4bf10c03 916c788c8555964e9d3bc522bc77e20653065fd80ef2f256edeae1a6ebe27c42
GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:35:37 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"c8f76234a7eaef03e2127653218599191ae237cf79b2488a74c814396319bded-br"
last-modified: Tue, 16 Apr 2024 22:45:40 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-lcy-eglc8600068-LCY
x-cache: HIT
x-cache-hits: 1
x-timer: S1713307582.863041,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 64
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oaSTzNOgtF8brYiBLxrFobKa0FtIeLzJrP8SwNtdFFxcVXanq7uWkTZILNxikn6AL3ULq%2B34p0%2FuXlvR%2Fv8RYY3If2gHEfNUZr0V%2BQvV0RzrDkkqOKvFw7%2BlOSb2VNNK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8759b59f2c2a76ba-LHR
content-encoding: br
X-Firefox-Spdy: h2
|
|
| couriernote-001-site1.jtempurl.com/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:37 GMT
Content-Length: 6609
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:37 GMT
Content-Length: 6609
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:37 GMT
Content-Length: 6609
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:37 GMT
Content-Length: 6609
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:37 GMT
Content-Length: 6609
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.17.25.14 | 200 OK | 77 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP104.17.25.14:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:35:37 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 512624
expires: Mon, 07 Apr 2025 04:35:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4EzYfz656ClVGAQX7See9C9aik2S2hxDjy6iGvy7QnHagPyHVMo8c7aKx3wBxEkwhpIhyQcpH4%2BZyU%2BfZqb9jDanHwatQ%2FbL4TcA0tT52rgqaDx0FMcq3Ymaa2tGd2H8Og5Uz2hY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8759b5a18ac29310-CPH
alt-svc: h3=":443"; ma=86400
|
|
| cdn.lr-in.com/logger-1.min.js | 104.21.234.145 | 200 OK | 173 kB |
URL GET HTTP/2cdn.lr-in.com/logger-1.min.js IP104.21.234.145:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerLet's Encrypt Subjectlr-in.com Fingerprint9C:36:E8:C7:3B:FC:3A:32:F6:4B:7E:92:80:E3:9C:F6:8E:D3:5C:9A ValiditySat, 09 Mar 2024 13:34:25 GMT - Fri, 07 Jun 2024 13:34:24 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size173 kB (172818 bytes) Hash355fe0562edfd6205ef894f08502772b d7defde805c10c9e744951b8c24013bb4bf10c03 916c788c8555964e9d3bc522bc77e20653065fd80ef2f256edeae1a6ebe27c42
GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:35:37 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"c8f76234a7eaef03e2127653218599191ae237cf79b2488a74c814396319bded-br"
last-modified: Tue, 16 Apr 2024 22:45:40 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-lcy-eglc8600087-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1713307611.033650,VS0,VE44
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2FQTtJPq9N5iVUp4i2UjeRaQZKYeo6M0Yrz9lfuqpF1WqEHyVNmncyxHbS5fW3j8oS0IQVI5UtDdyS9oJN4Ur48G136V96w%2BujtPmcXUJkmJCBsfl%2Fv976SNEalqm3IQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8759b5a17be948ac-LHR
content-encoding: br
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f | 45.58.159.112 | 404 Not Found | 2.1 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:37 GMT
Content-Length: 2123
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 | 45.58.159.112 | 404 Not Found | 2.1 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Wed, 17 Apr 2024 04:35:37 GMT
Content-Length: 2123
|
|
| ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-brands-400.woff2 | 172.67.139.119 | 200 OK | 118 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-brands-400.woff2 IP172.67.139.119:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 117856, version 773.1280 Size118 kB (117856 bytes) Hash5674af1ac41fe62c1b4568cbb6a031ff 83ac1707f24f448c43d0656f224a827014154c4f 0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91
GET /releases/v6.5.2/webfonts/free-fa-brands-400.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:35:38 GMT
content-type: font/woff2
content-length: 117856
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
etag: "5674af1ac41fe62c1b4568cbb6a031ff"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 c38563a65534cacc21516bd5450b0818.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: GuFdcUyUacAkDxYvm9F4vNNo6gb6KRGqLnPUOyAAKTezNJLFF0GQRw==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A9tnMNyQX2KxwxpuK%2BcuPWhUXxWNloOs7dBk0DRK1WT%2B2zqmUmHIRqXc2Rq%2FvdfxJsHI2IsphAgqWJ7MX%2BwM4UCbpxPNN7foJjjhYlP6NPsrjgnBeLNSnX15z%2BaQ440ijUmLBgokcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b5a398336dee-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f7165dd215 | 172.67.139.119 | 200 OK | 157 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f7165dd215 IP172.67.139.119:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (1560) Size157 kB (157016 bytes) Hash9c9f596493867f0e7ef5f9fe99103fce 12746a89a4f6e62240231ca23c8087e6430188ac 9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878
GET /releases/v6.5.2/css/free-v4-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://couriernote-001-site1.jtempurl.com/
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:35:37 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96e04892ec84a7161914f66c3ba3b5f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: Jwg234-xM9BSlUD13IvHzdqFWtUS4GgoaH4E1KsslROc72PW6Me74g==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h7lHNKVARrTrKQhr1btSuhNS8EIs%2Fg62YpmTsM3k7YE23WmLozRRJvcCf9KdgpcZnDu0r5ugBz3Er8P%2BiUiZZIV6waV6pWjPJBhjvRhiF0yQMnZNQbXWV7q67pkzQZ2aOmumjqkEaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8759b5a16e276dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f7165dd215 | 172.67.139.119 | 200 OK | 296 B |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f7165dd215 IP172.67.139.119:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (608) Hasha3d53e21a02e37af6cbc00ac63b3cc1e e4f2269bae4b37ccba5282a154724a3b91720aca e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672
GET /releases/v6.5.2/css/free-v5-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://couriernote-001-site1.jtempurl.com/
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:35:37 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 beda7ef1ba9a3d6628bdfdae06bd482c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: chuQcz-hZhRRGEdepqDSXJcyaFweyyXvQ8vUuwJ0aOQkRkhHqBnbmg==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=swqUyobndzO2AhYkJ6jh1r%2BszEwenhO3TV0dBXJm9iRHdaxIk4aXBkMprKv%2BKEBzhFBasxjcOOtp8C2kigiyWVWw1m%2BSSx64FEqAlHx0OydF5opUggxGEcBTqHSIH19z2AD2rRXx1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b5a16e2e6dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false | 34.196.19.203 | | 0 B |
URL ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false IP34.196.19.203:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://couriernote-001-site1.jtempurl.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PXY4AQRhZ3NAk2vxKc3uWw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 17 Apr 2024 04:35:40 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eC3DNf2MDRnGCQ3p1JKib8bz8Z8=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover
|
|
| kit.fontawesome.com/f7165dd215.js | 104.18.40.68 | 200 OK | 8.7 kB |
URL GET HTTP/2kit.fontawesome.com/f7165dd215.js IP104.18.40.68:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerDigiCert Inc Subject*.fontawesome.com Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File typegzip compressed data, from Unix Hashc9a5e22f294f63b799ee4b8302e6ea2f 5fb80d8c6cd78e7dba8a5a4ada6cecd5f435e06e df40d5b1503063469e1e0c7ab149859ee6277308d0e30d7236efe8fed162ddb5
GET /f7165dd215.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:35:37 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F8btk8IehbrUpj_hH5bi
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8759b59f3a43abd5-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| r.lr-in.com/i?a=mnnzup%2Fdus&r=5-d26bbbc0-df18-4e0e-a265-880d5314a384&t=05dcde6c-ec4f-4c00-8b60-a553fc5a2267&s=0&rs=0%2Cu&u=0327cdde-e979-4b2b-823f-decdb56ac65b&is=1 | 104.198.23.205 | 204 No Content | 165 B |
URL OPTIONS HTTP/2r.lr-in.com/i?a=mnnzup%2Fdus&r=5-d26bbbc0-df18-4e0e-a265-880d5314a384&t=05dcde6c-ec4f-4c00-8b60-a553fc5a2267&s=0&rs=0%2Cu&u=0327cdde-e979-4b2b-823f-decdb56ac65b&is=1 IP104.198.23.205:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerLet's Encrypt Subjectapi.logrocket.com Fingerprint3E:B3:D8:9E:94:E5:B8:E0:B2:FB:40:36:42:BA:B1:67:70:1E:A1:A3 ValidityFri, 05 Apr 2024 14:45:08 GMT - Thu, 04 Jul 2024 14:45:07 GMT
Hash718ccbcd55db37c391512cb65953b9b4 f64b3bc2a1d438df87245b98925a2f7ce8f7a199 96cc9d14ff0939bd8435e082d7875ceba84b9a575dcf27cfec1e97adf2e3fa7a
POST /i?a=mnnzup%2Fdus&r=5-d26bbbc0-df18-4e0e-a265-880d5314a384&t=05dcde6c-ec4f-4c00-8b60-a553fc5a2267&s=0&rs=0%2Cu&u=0327cdde-e979-4b2b-823f-decdb56ac65b&is=1 HTTP/1.1
Host: r.lr-in.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LogRocket-Relay-Version: 2023.12.0
Content-Length: 393773
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 201 Created
date: Wed, 17 Apr 2024 04:35:42 GMT
content-type: application/json; charset=utf-8
content-length: 165
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
etag: W/"a5-9ks7wqHUON+HJFuYklovfOj3oZk"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f7165dd215 | 172.67.139.119 | 200 OK | 34 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f7165dd215 IP172.67.139.119:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (65321) Hash7f29cd8c97789aa298af8c61623ca28b af8109e0e5c8bb2c1c3ab44ba7b5d25900ca454a 3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1
GET /releases/v6.5.2/css/free.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://couriernote-001-site1.jtempurl.com/
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:35:37 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: 3ZchJ060525nODvpKCzZiuPlF_PU5DlnY9XalyDKKeCCEEK8AOS4lQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NDlC8AsCzxSvADTSOjVNxMQCnrN%2Fr6gZHE3MIydv2sIykeZ3J2JYhJ8begnU4%2Fvyq%2F79i3uRjl3oCcNK%2FKlzL%2B7dLfgLHW%2FFoLvjEVlBAyYYMyaJ1yAdbKb1KqJnKI8XjFvmia2ZKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8759b5a16e2d6dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false | 34.196.19.203 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false IP34.196.19.203:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://couriernote-001-site1.jtempurl.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2NbEwbdiHEV80lCXjTtpSg==
DNT: 1
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 17 Apr 2024 04:35:38 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +xdQwztFzEvFH7nSm+MEiskffJ0=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover
|
|
| ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false | 34.196.19.203 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false IP34.196.19.203:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerAmazon Subjectpusher.com Fingerprint7F:21:03:8F:D0:81:ED:06:33:D6:8D:83:17:DA:79:19:72:2E:BF:39 ValiditySun, 25 Jun 2023 00:00:00 GMT - Wed, 24 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://couriernote-001-site1.jtempurl.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PXY4AQRhZ3NAk2vxKc3uWw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 17 Apr 2024 04:35:40 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eC3DNf2MDRnGCQ3p1JKib8bz8Z8=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover
|
|
| ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f7165dd215 | 172.67.139.119 | 200 OK | 28 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f7165dd215 IP172.67.139.119:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (27377) Hash940b066040a876fa1dc7b2ee2d222a58 64b2aea0b4d60d879d4ff7540192a906ffc0fd92 f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075
GET /releases/v6.5.2/css/free-v4-shims.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://couriernote-001-site1.jtempurl.com/
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:35:37 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6851e5f468b237438eae4078fbc9d3b8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: XiKuTRvTBTi_PAoXrS4jEpjhIpq5flbgs8Gj_2s1zRkQZdvdmGAi3A==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n0UMHp1L4Nqkc%2FxbYgceEmujdvpS3QCFmRbQHifKnsgtVGDNHhjUOSpbO7fWB%2BgPMyuqwTfsOm5VFnRlxVL885s7QhCysElkftTRNbO74fmI%2ByXvENJ0UBEF7ROQ%2BR%2BdO9k3nDF4dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8759b5a16e2c6dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| couriernote-001-site1.jtempurl.com/images/favicon.gif | 45.58.159.112 | 200 OK | 2.2 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/images/favicon.gif IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
File typeMS Windows icon resource - 1 icon, 32x32, 8 bits/pixel Hasha6f1af8e79a11829ba9a66474b06bb97 d99e3ec7747c865033a8dfad43c9f49634404bc1 b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /images/favicon.gif HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Cookie: XSRF-TOKEN=eyJpdiI6Ik9oN0NHKzgrcTQrY3JQcUF5M2t3c1E9PSIsInZhbHVlIjoiSllYWXlBODhtZ1JuMlhwY0xvS0pFck9wTGV2czArelRoUkQyb05zZ3Qza1pNQ2g1UHYxV0UvMG5QNW5qRWtybFhPdjd1KzdrVEthc2JqcDd3elh2Mnc4WEk3S0xqc3pKMTZnNlBGaTVPdFlnL3NlS3E4NUY5cmlNbXFaaEQ4czAiLCJtYWMiOiIzMWY5NjZlYThhNmI3MWYxYmVhMjA1OGVhZTcwZjRjNzAyZTcwMTAwOTQ5ZDUzMDJjYWM3NmYyMGY4MTM5Zjk4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im5oL2ZxMHI2dCtsVWkxOGVsVncwUlE9PSIsInZhbHVlIjoiNXdqUFk5ZDhpUU9DcmJEcVppZnh3VitxRVd3TmMyUWRSYUYzWWdMNFFjT0lDM0hZZDIvOXdaYlk0S2ZrWWcrd3Y1dU5HUWw2ano5TzhGR1pUMDdtVlFYdnJ1ZVF1cTRaYlVhUXRNZWpEWmRpZnFUdWVkTmVhbUNxYVNFT3ZiUngiLCJtYWMiOiI2MjQwYWQ5MjEzYTg5MjFjYTA0ZjVhMjU3Y2Q2ZDFkZTVlMjc1Zjg4NjAxMjU2ODE0OWVhYWY0NzcwYjhmYjkzIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: image/gif
Last-Modified: Sun, 17 Apr 2022 13:25:28 GMT
Accept-Ranges: bytes
ETag: "054819a5e52d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 17 Apr 2024 04:35:37 GMT
Content-Length: 2238
|
|
| files.killbot.org/.cdn-cgi/killbot-security.js | 0.0.0.0 | | 0 B |
URL GET files.killbot.org/.cdn-cgi/killbot-security.js IP0.0.0.0:0
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /.cdn-cgi/killbot-security.js HTTP/1.1
Host: files.killbot.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2 | 172.67.139.119 | 200 OK | 156 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2 IP172.67.139.119:443
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 156388, version 773.1280 Size156 kB (156388 bytes) Hashae015e3286ef56a0daf8e83838a32a88 7c18577fd6c4e7d9036b244215ace3945372eefe 41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825
GET /releases/v6.5.2/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:35:38 GMT
content-type: font/woff2
content-length: 156388
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
etag: "ae015e3286ef56a0daf8e83838a32a88"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 8662e3c152f0b241b5d273e9b0c8f9fc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: xklk1m_kKCojt59U46OZ9wYeOcllyjr9xsRKc6WLB3XRurZ4cVfXGw==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yqg4x%2FwMX%2FCQeuOa0D1mRh51CgxTDdsS9ZkyeFr8P6sWLceh0KH5M%2FYUy6OMYj5rRW5s9%2BqVTK3nuNJiLK0elBqL0PhByKZtZtm3pyRgiQ%2Fgt2yG1s9X8K4op63kq3YWisCFH5Dj0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759b5a398346dee-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| files.killbot.org/.cdn-cgi/killbot-security.js | 0.0.0.0 | | 0 B |
URL GET files.killbot.org/.cdn-cgi/killbot-security.js IP0.0.0.0:0
Requested byhttp://couriernote-001-site1.jtempurl.com/hIFpHmTKI5nQimQ2IFxWp4C0e9arFrdp
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /.cdn-cgi/killbot-security.js HTTP/1.1
Host: files.killbot.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|