| couriernote-001-site1.jtempurl.com/bbuDKiwXUCwESbMdNEc1taAkl1CIucCf | 45.58.159.112 | | 210 B |
URL couriernote-001-site1.jtempurl.com/bbuDKiwXUCwESbMdNEc1taAkl1CIucCf IP45.58.159.112:0
File typeHTML document, ASCII text Hash31b6183945b23f3237cea6acdcb91853 483ea3ac6b6491cee1fde0bddeae208a8f147e95 4a59ea7a803e2c7de336103d84f319efbb0c900f1a65dad4aa826db264640f62
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /bbuDKiwXUCwESbMdNEc1taAkl1CIucCf HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Location: http://couriernote-001-site1.jtempurl.com
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjBWa3R4WXNVOU5tRW9kVS8xMGNyQ2c9PSIsInZhbHVlIjoidmp5a0svbWFyeXhOcjRWMUg2Zy9EOEN2ZWgwMS9aZ2gvdndiU3pmVVRoWHR2VS9HTHFycm9URXRLMWp6cWxxMExqUjNwcGFoY3JZQ25KMjlOWjVwcHRmTUUxZE5WczRkWWxRTkJvZUNLYVdteVBxSE1uS2h5RGNETEhrN0dVOHkiLCJtYWMiOiJjY2I3YmE2OWFkNzIxNWU5MTAzOGYyZGJhMmQ2NWIwNjBlMjYxMTBjNjM1M2ExMzJhNDJlYjljNWNjZGYzNjM0IiwidGFnIjoiIn0%3D; expires=Tue, 16-Apr-2024 20:21:46 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IldKMlFJWGVOQjJlYWJZcTJSWVcvbmc9PSIsInZhbHVlIjoiei9ielZlZkk0UXpGVnpvakZNcW1RZVZjZnNiejlzVWFDS1dJZjBDeHlJc2VBc2h0alB3cTRxUFdyZ1hNd0ZlMWxMa0lYcGIwdFQrbS81VWRNcGV6ajlWdTY0RUg1K1hsV2taSWk1Ui8wT09CdURHcHgvVWdxN2J4Q2JqTGhHa2siLCJtYWMiOiI2ZTQyNDdiMTY0ZDEzZjkzNTg5NWVjZDU2MmIwMGQ2Y2NiODI2Zjg2ZGYyMDYzZDUyOTczZWI4MTNlYWRhYmVhIiwidGFnIjoiIn0%3D; expires=Tue, 16-Apr-2024 20:21:46 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:45 GMT
Content-Length: 210
|
|
| couriernote-001-site1.jtempurl.com/ | 45.58.159.112 | | 346 B |
URL couriernote-001-site1.jtempurl.com/ IP45.58.159.112:0
File typeHTML document, ASCII text Hash4d49a441dde37e234dbe8ab0f49bfb8b 07f049888e4fe1fbebc298897633d8c9d3acfd8e f47dbf7c4de385d38155fc2b05675224fcd8a1ec771cc1f2b0b9115ac592ba97
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET / HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjBWa3R4WXNVOU5tRW9kVS8xMGNyQ2c9PSIsInZhbHVlIjoidmp5a0svbWFyeXhOcjRWMUg2Zy9EOEN2ZWgwMS9aZ2gvdndiU3pmVVRoWHR2VS9HTHFycm9URXRLMWp6cWxxMExqUjNwcGFoY3JZQ25KMjlOWjVwcHRmTUUxZE5WczRkWWxRTkJvZUNLYVdteVBxSE1uS2h5RGNETEhrN0dVOHkiLCJtYWMiOiJjY2I3YmE2OWFkNzIxNWU5MTAzOGYyZGJhMmQ2NWIwNjBlMjYxMTBjNjM1M2ExMzJhNDJlYjljNWNjZGYzNjM0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IldKMlFJWGVOQjJlYWJZcTJSWVcvbmc9PSIsInZhbHVlIjoiei9ielZlZkk0UXpGVnpvakZNcW1RZVZjZnNiejlzVWFDS1dJZjBDeHlJc2VBc2h0alB3cTRxUFdyZ1hNd0ZlMWxMa0lYcGIwdFQrbS81VWRNcGV6ajlWdTY0RUg1K1hsV2taSWk1Ui8wT09CdURHcHgvVWdxN2J4Q2JqTGhHa2siLCJtYWMiOiI2ZTQyNDdiMTY0ZDEzZjkzNTg5NWVjZDU2MmIwMGQ2Y2NiODI2Zjg2ZGYyMDYzZDUyOTczZWI4MTNlYWRhYmVhIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: XSRF-TOKEN=eyJpdiI6IisxVXBBRWRvbDBablJkWEF5TVV1M0E9PSIsInZhbHVlIjoiaE1ERFIrR0Q3WGhrU292MWVsYkVQSmtxNWNVMThpdEVNcUdEWk1wcVYzK1ZJN0x1cldSYUU4TWNwMjh0WTNCY2o3TWRnamgrbnJQQkNISEtNVnpYZjlOVUpiTkg1ODRLdytKUUI3S2VqSFUrdXlDSzQwZ3MxQnZoUkkycFgwWWYiLCJtYWMiOiJlYzhlMjRiZjUwOGVjNDdlMjY0MDZkNWQxZWI4NThkY2NkMjc0NzU5NWYzNWNmMjMyNmU1MzAzYmZiODE3ZmNlIiwidGFnIjoiIn0%3D; expires=Tue, 16-Apr-2024 20:21:47 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6ImxkOUdNN0lKdmdzQ1JIbWpKTkxSdnc9PSIsInZhbHVlIjoiWldsdGh1aGlLbzltbWRFd242YTAyZkYwYlRvdTZEZDNVWlFScGxMcGkwcFYvaDNmSEhvMUU3Zmg4bmkvNEdCTUp6dDdIYXUyUUFGL1c3MnZFWTdOT0diREg4M2gzNXFDSy9QMzhsZWEyb3duSit2N1g3NTAvYlVLakdMb3g1SUwiLCJtYWMiOiI3NmI2NjQyNzk4M2YxOTE4ODRlYmNiNTFmZTMxYmY3OWZmMWZjODQ3Y2JmOWM2ZTY5ZTY2OGU2ZmUwYmVmMGRiIiwidGFnIjoiIn0%3D; expires=Tue, 16-Apr-2024 20:21:47 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:46 GMT
Content-Length: 346
|
|
| couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne/ | 45.58.159.112 | 301 Moved Permanently | 284 B |
URL User Request GET HTTP/1.1couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne/ IP45.58.159.112:80
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash5fe9ade0f76c969903d673037af536d2 105e935ba32a1f345c44b62bfb979c3c21303ed4 ddfb694120453cec7959a7d9218b5f3500ea55e4041714191f70aa015b4c4cbd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne/ HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://couriernote-001-site1.jtempurl.com/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IisxVXBBRWRvbDBablJkWEF5TVV1M0E9PSIsInZhbHVlIjoiaE1ERFIrR0Q3WGhrU292MWVsYkVQSmtxNWNVMThpdEVNcUdEWk1wcVYzK1ZJN0x1cldSYUU4TWNwMjh0WTNCY2o3TWRnamgrbnJQQkNISEtNVnpYZjlOVUpiTkg1ODRLdytKUUI3S2VqSFUrdXlDSzQwZ3MxQnZoUkkycFgwWWYiLCJtYWMiOiJlYzhlMjRiZjUwOGVjNDdlMjY0MDZkNWQxZWI4NThkY2NkMjc0NzU5NWYzNWNmMjMyNmU1MzAzYmZiODE3ZmNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxkOUdNN0lKdmdzQ1JIbWpKTkxSdnc9PSIsInZhbHVlIjoiWldsdGh1aGlLbzltbWRFd242YTAyZkYwYlRvdTZEZDNVWlFScGxMcGkwcFYvaDNmSEhvMUU3Zmg4bmkvNEdCTUp6dDdIYXUyUUFGL1c3MnZFWTdOT0diREg4M2gzNXFDSy9QMzhsZWEyb3duSit2N1g3NTAvYlVLakdMb3g1SUwiLCJtYWMiOiI3NmI2NjQyNzk4M2YxOTE4ODRlYmNiNTFmZTMxYmY3OWZmMWZjODQ3Y2JmOWM2ZTY5ZTY2OGU2ZmUwYmVmMGRiIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Length: 284
Content-Type: text/html
Location: http://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 16 Apr 2024 18:21:48 GMT
|
|
| couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne | 45.58.159.112 | 200 OK | 15 kB |
URL User Request GET HTTP/1.1couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne IP45.58.159.112:80
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (39884) Hash3ae89f9ee8e383fec15cf3fe0592251a 41b18e26f2d4c0c67a8bf2bdb036ba4641f63eca cc8d762a9f2ccd6b400cacb58d2dda7e5ee096caee8b5881defcb5535f489e70
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://couriernote-001-site1.jtempurl.com/
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IisxVXBBRWRvbDBablJkWEF5TVV1M0E9PSIsInZhbHVlIjoiaE1ERFIrR0Q3WGhrU292MWVsYkVQSmtxNWNVMThpdEVNcUdEWk1wcVYzK1ZJN0x1cldSYUU4TWNwMjh0WTNCY2o3TWRnamgrbnJQQkNISEtNVnpYZjlOVUpiTkg1ODRLdytKUUI3S2VqSFUrdXlDSzQwZ3MxQnZoUkkycFgwWWYiLCJtYWMiOiJlYzhlMjRiZjUwOGVjNDdlMjY0MDZkNWQxZWI4NThkY2NkMjc0NzU5NWYzNWNmMjMyNmU1MzAzYmZiODE3ZmNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImxkOUdNN0lKdmdzQ1JIbWpKTkxSdnc9PSIsInZhbHVlIjoiWldsdGh1aGlLbzltbWRFd242YTAyZkYwYlRvdTZEZDNVWlFScGxMcGkwcFYvaDNmSEhvMUU3Zmg4bmkvNEdCTUp6dDdIYXUyUUFGL1c3MnZFWTdOT0diREg4M2gzNXFDSy9QMzhsZWEyb3duSit2N1g3NTAvYlVLakdMb3g1SUwiLCJtYWMiOiI3NmI2NjQyNzk4M2YxOTE4ODRlYmNiNTFmZTMxYmY3OWZmMWZjODQ3Y2JmOWM2ZTY5ZTY2OGU2ZmUwYmVmMGRiIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; expires=Tue, 16-Apr-2024 20:21:49 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D; expires=Tue, 16-Apr-2024 20:21:49 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:49 GMT
Content-Length: 14644
|
|
| couriernote-001-site1.jtempurl.com/css/app.css | 45.58.159.112 | 200 OK | 56 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/css/app.css IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Hash181990cc2279e4cea65c9363fb37fee9 b85a7ba40043b0c48a034d8382629ef7ec6a1e24 36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /css/app.css HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 29 Mar 2022 20:11:08 GMT
Accept-Ranges: bytes
ETag: "0566d20a943d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 16 Apr 2024 18:21:49 GMT
Content-Length: 55863
|
|
| couriernote-001-site1.jtempurl.com/js/session-recorder.js | 45.58.159.112 | 200 OK | 11 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/js/session-recorder.js IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeJavaScript source, ASCII text, with very long lines (44992) Hash701984b4995f3c29820e83c999b7eb23 a3b50104a3bfa05bf59a317273816c7d8ae1f81d 67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /js/session-recorder.js HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 29 Mar 2022 19:35:56 GMT
Accept-Ranges: bytes
ETag: "0b69335a443d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 16 Apr 2024 18:21:49 GMT
Content-Length: 11151
|
|
| couriernote-001-site1.jtempurl.com/js/app.js | 45.58.159.112 | 200 OK | 201 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/js/app.js IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeJavaScript source, Unicode text, UTF-8 text Size201 kB (201031 bytes) Hashfd900f643203761f2eeca2132fc15f1d 375f23ca9ad75b647373bda03b02e2d0f6e729be 399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /js/app.js HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 29 Mar 2022 19:35:56 GMT
Accept-Ranges: bytes
ETag: "0b69335a443d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 16 Apr 2024 18:21:49 GMT
Content-Length: 201031
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.25.14 | 200 OK | 5.6 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css IP104.17.25.14:443
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:21:50 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 85195
expires: Sun, 06 Apr 2025 18:21:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Ca7fmUSN5xI8hn3lO5LDPzXyNacxyN2l9xO9ojxQxplr3F4sUNP2o48vlJMuivhp%2FeT09tGMSBN6m495nZTTDkvvgScds60ICT2B5hRvE%2BKG24CuHixdLAtOEhQgwHKhOrMnA1t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875632837fcfb521-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| couriernote-001-site1.jtempurl.com/images/logo.png | 45.58.159.112 | 200 OK | 2.0 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/images/logo.png IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typePNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced Hash5d14ab93691604e826e1319d53599eb9 78724360e9d25da584445b851e37bca05abe6b85 3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /images/logo.png HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: image/png
Last-Modified: Sun, 17 Apr 2022 13:24:00 GMT
Accept-Ranges: bytes
ETag: "098d665e52d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 1998
|
|
| couriernote-001-site1.jtempurl.com/images/all.png | 45.58.159.112 | 200 OK | 12 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/images/all.png IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typePNG image data, 123 x 84, 8-bit/color RGBA, non-interlaced Hash2cb0b7f615faf2deb9ec6f53d3149a3b 694a2c881c83e2ab86365bf1d16302ac5b9d500f c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /images/all.png HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: image/png
Last-Modified: Sun, 17 Apr 2022 13:24:34 GMT
Accept-Ranges: bytes
ETag: "095517a5e52d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 12499
|
|
| couriernote-001-site1.jtempurl.com/images/foo.png | 45.58.159.112 | 404 Not Found | 2.1 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/images/foo.png IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /images/foo.png HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 2123
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 6609
|
|
| couriernote-001-site1.jtempurl.com/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 6609
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 6609
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.17.25.14 | 200 OK | 77 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP104.17.25.14:443
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 18:21:50 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 84870
expires: Sun, 06 Apr 2025 18:21:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9GcoPC5R1FNgju4QjHVe4obuapXMkXO9bm0wWgv7zJZjhwXYb3AyS3TKC9pcrjta0qzhSsITLi7oXqpaaURd4%2B9bmILERRU%2F4v5nnRfVHTKOCRmG8ux93q3upG%2ByGWte3rnNPJ84"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87563285cbcb0b45-OSL
alt-svc: h3=":443"; ma=86400
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 6609
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 6609
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 6609
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 | 45.58.159.112 | 404 Not Found | 2.1 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeHTML document, ASCII text, with very long lines (5395) Hash307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 2123
|
|
| kit.fontawesome.com/f7165dd215.js | 104.18.40.68 | 200 OK | 6.5 kB |
URL GET HTTP/2kit.fontawesome.com/f7165dd215.js IP104.18.40.68:443
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerDigiCert Inc Subject*.fontawesome.com Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (11461) Hash437bfac0666b5e3aabcae8631813f6db 7abc0ae3b9273c4712a47e144a724b9174626dd8 5198e430619ec4163119ff66ded1a659dbc1a6e7817f31363c814bf31e128449
GET /f7165dd215.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:21:50 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F8alvxc2PR1qkpUO9NBB
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 87563282f9f10b49-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-brands-400.woff2 | 104.21.26.223 | 200 OK | 118 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-brands-400.woff2 IP104.21.26.223:443
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 117856, version 773.1280 Size118 kB (117856 bytes) Hash5674af1ac41fe62c1b4568cbb6a031ff 83ac1707f24f448c43d0656f224a827014154c4f 0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91
GET /releases/v6.5.2/webfonts/free-fa-brands-400.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:21:50 GMT
content-type: font/woff2
content-length: 117856
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
etag: "5674af1ac41fe62c1b4568cbb6a031ff"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eUIw6b-PFGbLiHjHF_K3Vtg0jodejNwKQoHgRz5mdnQfy2YcF89c7g==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytEoJrrdaM5OUDbZhhPcIl%2BOMTS1j2BZjFVC3cjNCBphy0ctj64nGvNZ9kLjeb1VpgH%2B5kg2UyhqLQ%2FTm%2Bp5TeIcDNdNpAgyadPlGt6ts5F6a9XWuI%2Fhd5AvO4YsMfjNp2N%2FZs5fAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8756328709cc56be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2 | 104.21.26.223 | 200 OK | 156 kB |
URL GET HTTP/3ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2 IP104.21.26.223:443
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 156388, version 773.1280 Size156 kB (156388 bytes) Hashae015e3286ef56a0daf8e83838a32a88 7c18577fd6c4e7d9036b244215ace3945372eefe 41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825
GET /releases/v6.5.2/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 18:21:50 GMT
content-type: font/woff2
content-length: 156388
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
etag: "ae015e3286ef56a0daf8e83838a32a88"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YD_ijoUnuAAjvuWmP5OWE2i-QUu7fKdjy55hoBZHhabB0aRdQsFY7w==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dZ%2BJUZLib1b7cTZ6LPp2L%2Foc0Su8Z74h2oqrfkqgi1kHNQPifBmPuYt%2FHc69t83Q0SPkYrJksGgFGD%2B5MwSkJQ0Xp9%2FwtBIHKes6zutRn0Np%2F6MQbF77ia6dNizC%2BB3JAXxoi0sLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875632873a3f56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| couriernote-001-site1.jtempurl.com/images/favicon.gif | 45.58.159.112 | 200 OK | 2.2 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/images/favicon.gif IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeMS Windows icon resource - 1 icon, 32x32, 8 bits/pixel Hasha6f1af8e79a11829ba9a66474b06bb97 d99e3ec7747c865033a8dfad43c9f49634404bc1 b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /images/favicon.gif HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-0d1208d2-b0e9-4bbf-9f32-3aa501746a22%22%2C%22webViewID%22:null%2C%22lastActivity%22:1713291710615}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1713291710616}; _lr_uf_-mnnzup=054836f1-bb1a-4715-bbe4-5adf8491fd35
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: image/gif
Last-Modified: Sun, 17 Apr 2022 13:25:28 GMT
Accept-Ranges: bytes
ETag: "054819a5e52d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 2238
|
|
| ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false | 44.194.99.111 | | 0 B |
URL ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false IP44.194.99.111:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://couriernote-001-site1.jtempurl.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +IEhyDRRiQebuYRAB86bCw==
DNT: 1
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 16 Apr 2024 18:21:50 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Qw+iDE8yEsmLeLbiZs0nGVuUrvs=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover
|
|
| ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false | 44.194.99.111 | | 0 B |
URL ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false IP44.194.99.111:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://couriernote-001-site1.jtempurl.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jE3XpT8cEmsj7XgDde2f/A==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 16 Apr 2024 18:21:53 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NcjJ3w+2olpbARADH5OM7EWSvQE=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover
|
|
| cdn.lr-in.com/logger-1.min.js | 104.21.234.144 | 200 OK | 171 kB |
URL GET HTTP/2cdn.lr-in.com/logger-1.min.js IP104.21.234.144:443
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerLet's Encrypt Subjectlr-in.com Fingerprint9C:36:E8:C7:3B:FC:3A:32:F6:4B:7E:92:80:E3:9C:F6:8E:D3:5C:9A ValiditySat, 09 Mar 2024 13:34:25 GMT - Fri, 07 Jun 2024 13:34:24 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size171 kB (170580 bytes) Hash17181d1a746df2a2fa3f91f929ec326b 6f8e68d817a3322da8b88ba3de2bb48d32f855e3 aab8eca4156c17a6d02e8f0332c556d0cbebd0a2de33c9b7e1b32d0881dbe6f0
GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 18:21:50 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"82a3247d9a85ac4854430900bd5545c30dd07713487852236b85ae9d69909b79-br"
last-modified: Fri, 12 Apr 2024 22:46:51 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-lcy-eglc8600082-LCY
x-cache: HIT
x-cache-hits: 1
x-timer: S1712962140.133700,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Lh3H9gV8NxGZT8ZJUVsNSjhBZ1u9gFBmnvVDZ9nY0as0tMYKphTuNQyhMI5ECA8p13lAO9gZ4xhai8v6fZtiJRmMK3OobrgFh6thSkN4hd9PijN8oJfn5okCY2GXtHy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875632860aee23c0-LHR
content-encoding: br
|
|
| r.lr-in.com/i?a=mnnzup%2Fdus&r=5-0d1208d2-b0e9-4bbf-9f32-3aa501746a22&t=10942e4d-2892-4464-9114-fd06c7eb7688&s=0&rs=0%2Cu&u=8b07917e-851d-4650-9276-80c80fc2d516&is=1 | 104.198.23.205 | 201 Created | 165 B |
URL POST HTTP/2r.lr-in.com/i?a=mnnzup%2Fdus&r=5-0d1208d2-b0e9-4bbf-9f32-3aa501746a22&t=10942e4d-2892-4464-9114-fd06c7eb7688&s=0&rs=0%2Cu&u=8b07917e-851d-4650-9276-80c80fc2d516&is=1 IP104.198.23.205:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerLet's Encrypt Subjectapi.logrocket.com Fingerprint3E:B3:D8:9E:94:E5:B8:E0:B2:FB:40:36:42:BA:B1:67:70:1E:A1:A3 ValidityFri, 05 Apr 2024 14:45:08 GMT - Thu, 04 Jul 2024 14:45:07 GMT
Hash718ccbcd55db37c391512cb65953b9b4 f64b3bc2a1d438df87245b98925a2f7ce8f7a199 96cc9d14ff0939bd8435e082d7875ceba84b9a575dcf27cfec1e97adf2e3fa7a
POST /i?a=mnnzup%2Fdus&r=5-0d1208d2-b0e9-4bbf-9f32-3aa501746a22&t=10942e4d-2892-4464-9114-fd06c7eb7688&s=0&rs=0%2Cu&u=8b07917e-851d-4650-9276-80c80fc2d516&is=1 HTTP/1.1
Host: r.lr-in.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LogRocket-Relay-Version: 2023.12.0
Content-Length: 393626
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 201 Created
date: Tue, 16 Apr 2024 18:21:54 GMT
content-type: application/json; charset=utf-8
content-length: 165
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
etag: W/"a5-9ks7wqHUON+HJFuYklovfOj3oZk"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f7165dd215 | 104.21.26.223 | 200 OK | 104 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f7165dd215 IP104.21.26.223:443
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (65321) Size104 kB (103541 bytes) Hash7f29cd8c97789aa298af8c61623ca28b af8109e0e5c8bb2c1c3ab44ba7b5d25900ca454a 3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1
GET /releases/v6.5.2/css/free.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://couriernote-001-site1.jtempurl.com/
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:21:50 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 86L0yJ-hWmVjxK87P_BKMwU2Ba--VlLHn28vsBVySe2EJ4URrKLvdQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WFfq9wbPVrvSFhnEFGeHrY2bGcqweEtTdDzYrl2lzBvD%2B3j%2B34ffGekzxe0pqKQGzfs3IlSYuxcmdcgh%2BXzyxP20Si3m8KBrejODYV3XmNmmUEqGFUnbIIRYsZAOEPsR4CBelGlDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875632858ef656be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f7165dd215 | 104.21.26.223 | 200 OK | 1.8 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f7165dd215 IP104.21.26.223:443
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (1803), with no line terminators Hash36f549800bc029aaadd0d7ac3d1d0f54 45bfcbb57c0155a2f22a47117deae6dc87706d4a 4048a832df1b9ac88058b1964ab9c45300daf6c10b0a02d697a29d729a81ea30
GET /releases/v6.5.2/css/free-v4-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://couriernote-001-site1.jtempurl.com/
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:21:50 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EQN4BAWw_kjPfjcwrpXx5SWJWbzs8Dh3Utx_bmcPsf0UXXZekT0Vdg==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=arvmbqcCRzTjuZuIuHfRIblUO3YwnR15fm1%2Bd1elmE4LlGRtBwAOXDYQOnyvIWyX1cPaw8CV0IbHlRSjQ%2FNFcLLGNUKsD05qhXlwQB59YZ%2BNA0dSVE2et4dBBBz3Vf%2BSBfFO%2BrohTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875632857eee56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f | 45.58.159.112 | 404 Not Found | 6.6 kB |
URL GET HTTP/1.1couriernote-001-site1.jtempurl.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f IP45.58.159.112:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
File typeHTML document, ASCII text, with very long lines (6693), with no line terminators Hash637c64dcfa59899545c1dce3f050200d 8cf7d3405932c23d2b4ee4c3473a611cb924c05f bc61d266b689e585d2ae0c93c625d665dff0f4dfcbfc0263df35ca4c1bb1494f
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - DHL | OpenPhish | phishing | DHL Airways, Inc. |
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1
Host: couriernote-001-site1.jtempurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpkbXBZa2lQNldRZHpMWkg0UmFTS0E9PSIsInZhbHVlIjoiZHZnOHMwaGdjMnlyeWVXZHArNUN6dTZ4ZFNhNnhJc2NSV05JRjU1US9TcHVSN3VleUZEQk9aUjZvdy9ZYmxaK0dBeGdkK04xbDcxdnZCc0RWMHpmRzhYS2xsSE01eE0wR0dJdDZEZUNlMU5vUFF1dS9ZdUhBWXF2NDBjYVB4dTgiLCJtYWMiOiIxZDA1MWU0MDMyMGZmNTFkZGQ1YWE4NmQ1OWFjYmU5ZmJhMzEwZWFmZDE3ZTAyNzM5YWZhN2UyYjI5YTc0YzVkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Im9pTjRCSDdoVTZadVRTa3F1VDJJMnc9PSIsInZhbHVlIjoienhxS3hvZnlWd3RNNWhVQUdtd2FIN2xCbjlORkdPWjI2UzAwRDJwTGxldzlTbU80RjdhK0YrOGRaL0VOaGhXVTNjVW52YkRzY1BiQVIvUVdySlhhUkwvYm1PNnk2d25NQ01IUGRXdEFUT3ZqcGYwbkV4a3pRdnAwblFycGdVTFgiLCJtYWMiOiIxMDQwNmQ5MDE5NzQ1NTQxNzdiY2Y1ZDI0ZjIzODI3MzgwMDQyYjUwOWI1ZTk3Mzk1OGIxZDk5ZWU1Yjk0OTYyIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.23, ASP.NET
Date: Tue, 16 Apr 2024 18:21:50 GMT
Content-Length: 2123
|
|
| ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f7165dd215 | 104.21.26.223 | 200 OK | 823 B |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f7165dd215 IP104.21.26.223:443
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (845), with no line terminators Hashd8a0274a5097af25642c9310d6d4bb3e 61512d739400e60d9360863446eaf008395859fb 84f5ae05668bcfe4bd7447d5035e909686423e998d8dfc2c96789875ef78cdd3
GET /releases/v6.5.2/css/free-v5-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://couriernote-001-site1.jtempurl.com/
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:21:50 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6Q4O_ntgjRd5wervDdxiowY5PfvkMK8spAoxaehzdVJ2l5I2ivF29g==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfIp0z4ofbctDV2k8FI2G0MQdKkBjFIr%2FvJpWp4%2FyH9N9FP97r13Mk4bdoxLKebcPG0IHmpjr0BHhOOIQ0md5%2F85CA%2Ffo61M2OlsnFeDzx0Vjd28aal3C4xmtXlBR%2FkG63z2vjg%2Bbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87563286180156be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false | 44.194.99.111 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false IP44.194.99.111:80
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://couriernote-001-site1.jtempurl.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +IEhyDRRiQebuYRAB86bCw==
DNT: 1
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 16 Apr 2024 18:21:50 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Qw+iDE8yEsmLeLbiZs0nGVuUrvs=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover
|
|
| ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false | 44.194.99.111 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false IP44.194.99.111:443
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerAmazon Subjectpusher.com Fingerprint7F:21:03:8F:D0:81:ED:06:33:D6:8D:83:17:DA:79:19:72:2E:BF:39 ValiditySun, 25 Jun 2023 00:00:00 GMT - Wed, 24 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://couriernote-001-site1.jtempurl.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jE3XpT8cEmsj7XgDde2f/A==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 16 Apr 2024 18:21:53 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NcjJ3w+2olpbARADH5OM7EWSvQE=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover
|
|
| ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f7165dd215 | 104.21.26.223 | 200 OK | 28 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f7165dd215 IP104.21.26.223:443
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (27377) Hash940b066040a876fa1dc7b2ee2d222a58 64b2aea0b4d60d879d4ff7540192a906ffc0fd92 f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075
GET /releases/v6.5.2/css/free-v4-shims.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://couriernote-001-site1.jtempurl.com/
Origin: http://couriernote-001-site1.jtempurl.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 18:21:50 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OYf54piaObezPw0Cez6pAlb2trY_tTx6wG7APjKZ54H778m4bojI3A==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57iAxzGPR%2BEke6LPIdw8yaarHG2VWYsnQCxPkVC26utGdphgFn4harY7%2BcNHWldr07wgo%2BM6npUkYp1r9aXTW9YJwvYDVAPsxNQbyPzK17lKMmvvMOgq6GuEE5tPRS3iY7WFrFMFGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875632857ee656be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| files.killbot.org/.cdn-cgi/killbot-security.js | 0.0.0.0 | | 0 B |
URL GET files.killbot.org/.cdn-cgi/killbot-security.js IP0.0.0.0:0
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /.cdn-cgi/killbot-security.js HTTP/1.1
Host: files.killbot.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| files.killbot.org/.cdn-cgi/killbot-security.js | 0.0.0.0 | | 0 B |
URL GET files.killbot.org/.cdn-cgi/killbot-security.js IP0.0.0.0:0
Requested byhttp://couriernote-001-site1.jtempurl.com/B92hrMmGVjbty8XwmoiMM2Z6CEPT65Ne
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /.cdn-cgi/killbot-security.js HTTP/1.1
Host: files.killbot.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://couriernote-001-site1.jtempurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|