Report - depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true

Report Overview

Submitted URL
depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
IP
91.215.85.79
ASN
#200593 Prospero Ooo
Submitted
2024-04-24 17:21:36
Access
public
Website Title
Parcel Tracking | Track Package Online | Evri - The New Hermes
Final URL
depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Tags
suspicious
urlquery detections
Suspicious - Suspicious Javascript code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
50

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
depot-evriuk.com	unknown	unknown	No data	No data	15 kB	545 kB	91.215.85.79

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing
2024-04-23	medium	depot-evriuk.com/	Generic/Spear Phishing

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	depot-evriuk.com/files/js/jquery.min.js	108 kB	2023-03-07	2024-05-05
Pretty URL depot-evriuk.com/files/js/jquery.min.js IP 91.215.85.79 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:36 Last Seen2024-05-05 17:33:29 Times Seen471 Hash e86504b92c4745b9315d7f4f9b73fc2a b9b4714b5c1cbc03d9444c9f60a17eecb8e0750d 878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9 Loading...

	depot-evriuk.com/files/js/main.app4352.js	227 kB	2024-04-24	2024-04-28
Pretty URL depot-evriuk.com/files/js/main.app4352.js IP 91.215.85.79 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 19:21:43 Last Seen2024-04-28 19:11:00 Times Seen4 Hash 991b9b724d11d470a0f47ddc36af8dde 32cb5673d86ad52ad010f3079c88ea0cc43e245a 32d5b88deb220d7629b1ba8da495f0858c49820371f36b449cfc5dff677f583c Loading...

HTTP Transactions (25)

URL IP Response Size

depot-evriuk.com/files/css/2162f5c.css

91.215.85.79

200 OK

6.2 kB

URL GET HTTP/3
depot-evriuk.com/files/css/2162f5c.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ASCII text, with very long lines (383), with CRLF line terminators
Size
6.2 kB (6241 bytes)
Hash
0db64cbb59b0f52eaa79a919160a7f5d
c15230e191a4ee81713baa172e76f2d93a336260
7e94e7070ab3057dffc3c546b9a6fe923f96880698311a7ddc43ed9f163cb4df

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/css/2162f5c.css HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: text/css
last-modified: Mon, 19 Sep 2022 09:45:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6241
date: Wed, 24 Apr 2024 17:21:11 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

depot-evriuk.com/files/css/c5735d6.css

91.215.85.79

200 OK

2.8 kB

URL GET HTTP/3
depot-evriuk.com/files/css/c5735d6.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ASCII text, with very long lines (18371), with no line terminators
Size
2.8 kB (2809 bytes)
Hash
7f74cb2207cf21f0af89390d287fa9a5
80f9ca9e4c67c31d9cf6ff37d77a9209bc98150d
489beb321e0e519c5926ab1cc2d96a0f1622af62c493c75a995239159e1fdab4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/css/c5735d6.css HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2809
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/css/549d9fc.css

91.215.85.79

200 OK

435 B

URL GET HTTP/3
depot-evriuk.com/files/css/549d9fc.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ASCII text, with very long lines (1475), with no line terminators
Size
435 B (435 bytes)
Hash
46e8689cd799aa0507105dd7d905ba39
243f73623285752a313bd6eabc21076f1b390ff8
aae25fadf9213bc7f043688bc0cb0c07c8a5fe6b6c2451b5523d830ed44dd4a6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/css/549d9fc.css HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 435
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/css/85fcae0.css

91.215.85.79

200 OK

673 B

URL GET HTTP/3
depot-evriuk.com/files/css/85fcae0.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ASCII text, with very long lines (2753), with no line terminators
Size
673 B (673 bytes)
Hash
32fb85605ff3307368723c5d52467fec
8286bfdbe18e11429035d4f3a1cdb5e33326cf83
67b2ead2f0bfa00d9c0c3d9f18c5f990274c014a56e3d1cf300d48143a3e8114

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/css/85fcae0.css HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 673
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/css/0900793.css

91.215.85.79

200 OK

1.1 kB

URL GET HTTP/3
depot-evriuk.com/files/css/0900793.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ASCII text, with very long lines (5810), with no line terminators
Size
1.1 kB (1109 bytes)
Hash
f9e52f0a654209762c28a8b41dfcfc6e
2b64f688eee5d9079b20b9cd92fd802675e766ef
44a7b1af491c9c8004f7c11971976ccf36ff26fe063d3e9508955373c0270f66

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/css/0900793.css HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1109
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/css/24a216c.css

91.215.85.79

200 OK

553 B

URL GET HTTP/3
depot-evriuk.com/files/css/24a216c.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ASCII text, with CRLF line terminators
Size
553 B (553 bytes)
Hash
4c3d120f6fe8a67d7b8a1bf0044669a8
8c124cd11f2ce2b4029e126f3a0576d741ac01c8
064ab2121e8237427773e7d4f4e86e00cc0abce67c831d3b43b922ae4336bddb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/css/24a216c.css HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 18:43:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 553
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/css/7235dd7.css

91.215.85.79

200 OK

731 B

URL GET HTTP/3
depot-evriuk.com/files/css/7235dd7.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ASCII text, with very long lines (4576), with no line terminators
Size
731 B (731 bytes)
Hash
c45e8f7fa8d096bdc0e40557d1b90b7b
6d4077f69e0281de56d54a3007c9e1f0dbcf5682
080525b07734526c0948bdbf3dbfa767cb06dc3d494e96f144a9fffcc531a381

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/css/7235dd7.css HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 731
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/css/e637f2f.css

91.215.85.79

200 OK

694 B

URL GET HTTP/3
depot-evriuk.com/files/css/e637f2f.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ASCII text, with very long lines (4364), with no line terminators
Size
694 B (694 bytes)
Hash
fc0ba878aaa2f6d9693ae040f99f385b
2d96e5554cd5025c3fa029274286a728d115677e
d0f864a6f2f2a3278725a7bdc647a8d2da4b371e8cfd7afc7f043b474fae958d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/css/e637f2f.css HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 694
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/css/702c450.css

91.215.85.79

200 OK

761 B

URL GET HTTP/3
depot-evriuk.com/files/css/702c450.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ASCII text, with very long lines (4952), with no line terminators
Size
761 B (761 bytes)
Hash
7cd7f6c3b4a625fed8299e093b867ab7
709545d57183b3ad82aa059f5ac3e2a05f0056ce
685e7e0fd914ede79f8bf203791e37dcf2b8ea59efd3da919abdd54f0c516068

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/css/702c450.css HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 761
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/css/61342a4.css

91.215.85.79

200 OK

328 B

URL GET HTTP/3
depot-evriuk.com/files/css/61342a4.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ASCII text, with very long lines (1678), with no line terminators
Size
328 B (328 bytes)
Hash
c0b5d8137b6a3705f318c7012d016720
10bd9bad6de60d2228f29b86290546e1aeacc8e7
2b4a3f3eabb885903b860e3c6d63394e5d9aeb7cbf9cc11ee9a8a4c85ae85355

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/css/61342a4.css HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 328
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/js/jquery.min.js

91.215.85.79

200 OK

32 kB

URL GET HTTP/3
depot-evriuk.com/files/js/jquery.min.js
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
32 kB (32124 bytes)
Hash
e86504b92c4745b9315d7f4f9b73fc2a
b9b4714b5c1cbc03d9444c9f60a17eecb8e0750d
878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/js/jquery.min.js HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript
last-modified: Wed, 21 Sep 2022 17:19:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32124
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/css/57f1d43.css

91.215.85.79

200 OK

1.7 kB

URL GET HTTP/3
depot-evriuk.com/files/css/57f1d43.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1712 bytes)
Hash
aafbcc738169999bd9cb0336b96ba286
6f41850c08da774ee1438882a2d705f13a697fd5
4923930ed54df68945b1ec7359d6c680eac267eb31e864aaf6cd0a857ebab7f8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/css/57f1d43.css HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 18:43:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1712
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/js/main.app4352.js

91.215.85.79

200 OK

67 kB

URL GET HTTP/3
depot-evriuk.com/files/js/main.app4352.js
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
67 kB (66648 bytes)
Hash
991b9b724d11d470a0f47ddc36af8dde
32cb5673d86ad52ad010f3079c88ea0cc43e245a
32d5b88deb220d7629b1ba8da495f0858c49820371f36b449cfc5dff677f583c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/js/main.app4352.js HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript
last-modified: Wed, 21 Sep 2022 17:09:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 66648
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/fonts/poppins-regular-webfont.7930357.woff2

91.215.85.79

200 OK

20 kB

URL GET HTTP/3
depot-evriuk.com/files/fonts/poppins-regular-webfont.7930357.woff2
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19664, version 1.0
Size
20 kB (19664 bytes)
Hash
a253cc7b6cf8180e3543d50cf67430bb
69b2891cd7206aae1473535c7f734a9453007489
5805b5c786e9d2a4ef962597ae6f2ad133b015b182ab5ff0747e1ae373a20c26

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/fonts/poppins-regular-webfont.7930357.woff2 HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/files/css/2162f5c.css
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: font/woff2
last-modified: Mon, 12 Sep 2022 18:39:34 GMT
accept-ranges: bytes
content-length: 19664
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/img/070fb904-68fe-40d8-a7c0-88e1b3e33e2f_Customer+using+app.avif

91.215.85.79

200 OK

122 kB

URL GET HTTP/3
depot-evriuk.com/files/img/070fb904-68fe-40d8-a7c0-88e1b3e33e2f_Customer+using+app.avif
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ISO Media, AVIF Image
Size
122 kB (121828 bytes)
Hash
12afc65750de26e26c2170c4762ad06d
325136c9734db1909c78d8a178909de9a2e5bc19
f9a73229007e96a7f861420a9f1c83cdcd33857792293f93209cbfb4b2f0eb5f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/img/070fb904-68fe-40d8-a7c0-88e1b3e33e2f_Customer+using+app.avif HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: image/avif
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-length: 121828
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/img/0a4cb457-32eb-4ca9-bc8c-7e73bae98e53_courier+scanning+parce.avif

91.215.85.79

200 OK

64 kB

URL GET HTTP/3
depot-evriuk.com/files/img/0a4cb457-32eb-4ca9-bc8c-7e73bae98e53_courier+scanning+parce.avif
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ISO Media, AVIF Image
Size
64 kB (63786 bytes)
Hash
bdf3561dfff67697d4bf81bae54899a5
b6ca9e98d3c18272dcf87dfa50598444c8753b7f
d3fff4d079260d1d84f8496d0e2dd336126dce800f902c7f42f10a5a56ac1aa5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/img/0a4cb457-32eb-4ca9-bc8c-7e73bae98e53_courier+scanning+parce.avif HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: image/avif
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-length: 63786
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/img/effca3c0-409d-4673-b954-3d3c55b00e75_international.svg

91.215.85.79

200 OK

2.1 kB

URL GET HTTP/3
depot-evriuk.com/files/img/effca3c0-409d-4673-b954-3d3c55b00e75_international.svg
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
SVG Scalable Vector Graphics image
Size
2.1 kB (2085 bytes)
Hash
5c19b305ba2ef2ff72314e5168653506
9213ac24cdaeb99c98cd53d8d72dfaeca826118d
cfc340aba5a95fd49e15f0a0a52225d79e085cc5a3e63ff56a62b4437edd64b8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/img/effca3c0-409d-4673-b954-3d3c55b00e75_international.svg HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: image/svg+xml
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2085
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/img/d9d833c5-7e4f-479f-bf68-52d33b648f94_track-landing.svg

91.215.85.79

200 OK

3.3 kB

URL GET HTTP/3
depot-evriuk.com/files/img/d9d833c5-7e4f-479f-bf68-52d33b648f94_track-landing.svg
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
SVG Scalable Vector Graphics image
Size
3.3 kB (3271 bytes)
Hash
6464c6d0620f2209a31721b9a5ff5a27
75f92bf54934e5f8a8e809b2a753fed0b1e202fb
c2cb70ff9dbbd78f4573e51c58643faf642eae63ee2bb8ef525c29053647bab7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/img/d9d833c5-7e4f-479f-bf68-52d33b648f94_track-landing.svg HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: image/svg+xml
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3271
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/img/04410bfb-dbe7-4036-8ac9-9795932c4fbe_my-places.svg

91.215.85.79

200 OK

658 B

URL GET HTTP/3
depot-evriuk.com/files/img/04410bfb-dbe7-4036-8ac9-9795932c4fbe_my-places.svg
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
SVG Scalable Vector Graphics image
Size
658 B (658 bytes)
Hash
3b6b643d5a3240ecc21894841c1326af
0c7a3fae866bb5fc7f534800538caf420c1e88f6
1e1aeafacba1cc56db1719fb59ff474a17c92a25431dec9151476012a0f6b96b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/img/04410bfb-dbe7-4036-8ac9-9795932c4fbe_my-places.svg HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: image/svg+xml
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 658
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/img/c617b390-f0c4-46b4-80de-91649bd81367_divert-your-parcel.svg

91.215.85.79

200 OK

3.8 kB

URL GET HTTP/3
depot-evriuk.com/files/img/c617b390-f0c4-46b4-80de-91649bd81367_divert-your-parcel.svg
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
SVG Scalable Vector Graphics image
Size
3.8 kB (3798 bytes)
Hash
9ee93781533d8348c356643df3430f52
d70ff2e4905c4656886c3062af99ba2962fdeb3f
d8821e1bad4d7e8a329e2decb9229740b8e9446d8362063c629e55b9733b8490

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/img/c617b390-f0c4-46b4-80de-91649bd81367_divert-your-parcel.svg HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: image/svg+xml
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3798
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/img/0966996d-ba7a-4c24-a313-0a1671b3fb5a_need-help-tracking.svg

91.215.85.79

200 OK

889 B

URL GET HTTP/3
depot-evriuk.com/files/img/0966996d-ba7a-4c24-a313-0a1671b3fb5a_need-help-tracking.svg
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
SVG Scalable Vector Graphics image
Size
889 B (889 bytes)
Hash
edd53b0d0fac2af2a20cb059057ace7b
ed7e42b32fbf0e26edc8e4c725dbc1e9f5d578d5
e290bdbff0b796f7f57499534d28ffb583fe6f8c6e45f56b3ce3da7244976275

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/img/0966996d-ba7a-4c24-a313-0a1671b3fb5a_need-help-tracking.svg HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: image/svg+xml
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 889
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/img/9c7da113-f365-4237-a354-013bc51f4942_courier+holding+parcel.avif

91.215.85.79

200 OK

50 kB

URL GET HTTP/3
depot-evriuk.com/files/img/9c7da113-f365-4237-a354-013bc51f4942_courier+holding+parcel.avif
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
ISO Media, AVIF Image
Size
50 kB (50073 bytes)
Hash
9b2d970f58f2cf22b37b420f748e0c0c
00b40a66460b47f366c23c4257863301ae60a9be
76b53510a6c1e2e06bb0d03daf5315e75b2d847dd260039a9838ba820a3a6615

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/img/9c7da113-f365-4237-a354-013bc51f4942_courier+holding+parcel.avif HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: image/avif
last-modified: Wed, 07 Sep 2022 22:27:28 GMT
accept-ranges: bytes
content-length: 50073
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/img/favicon.ico

91.215.85.79

200 OK

752 B

URL GET HTTP/3
depot-evriuk.com/files/img/favicon.ico
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
752 B (752 bytes)
Hash
7d0229599d942f4cef13e6412fe18723
e79befbb092560c15852fd9e2698207fff78576b
ffb81e3b15f8ac3722236fb7793dc196c9e7ad850904d98b9c874aa61d9aab84

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/img/favicon.ico HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: image/x-icon
last-modified: Mon, 12 Sep 2022 15:50:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 752
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/files/fonts/poppins-semibold-webfont.392d12d.woff2

91.215.85.79

200 OK

20 kB

URL GET HTTP/3
depot-evriuk.com/files/fonts/poppins-semibold-webfont.392d12d.woff2
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19828, version 1.0
Size
20 kB (19828 bytes)
Hash
a5919f1f6e08dad8b8f844ba80c60a57
f60ddcc3920ff17d9fbb650178b47ed9a5a34467
067b66273ba2a156d2f6ca5529e4aeb9949408e47e06bd2d38e2093edc3bbab1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /files/fonts/poppins-semibold-webfont.392d12d.woff2 HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://depot-evriuk.com/files/css/2162f5c.css
Cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 17:21:11 GMT
content-type: font/woff2
last-modified: Mon, 12 Sep 2022 18:41:16 GMT
accept-ranges: bytes
content-length: 19828
date: Wed, 24 Apr 2024 17:21:11 GMT

depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true

91.215.85.79

200 OK

136 kB

URL User Request GET HTTP/2
depot-evriuk.com/landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Certificate
IssuerLet's Encrypt
Subject*.depot-evriuk.com
Fingerprint22:B4:B5:6D:AD:6C:DD:D9:D9:58:82:BE:6D:47:5D:73:EF:90:C0:52
ValiditySun, 21 Apr 2024 17:39:54 GMT - Sat, 20 Jul 2024 17:39:53 GMT

File type

Size
136 kB (136300 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /landing.php?&URI=bcf22abd4bc6abce316992179bdb5531&sessionid=1355bdb971299613ecba6cb4dba22fcb&securessl=true HTTP/1.1
Host: depot-evriuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
set-cookie: PHPSESSID=2b7051dedfc2d6904a13e4d4e63914e4; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 17:21:11 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (25)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections