Report - dhlzollkundel.sviluppo.host/kudnel-paket/cc.php

Report Overview

Submitted URL
dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
IP
149.62.187.250
ASN
#47242 Host SpA
Submitted
2024-04-20 02:02:30
Access
public
Website Title
Globale Logistik - Internationaler Versand | DHL Home | Schweiz
Final URL
dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Tags
dhl logistics phishing
urlquery detections
Phishing - DHL

Detections

urlquery
13
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dhlzollkundel.sviluppo.host	unknown	unknown	No data	No data	6.5 kB	315 kB	149.62.187.250
i.ibb.co	13485	unknown	2018-11-25	2024-04-19	447 B	22 kB	162.19.58.157
www.freepnglogos.com	169270	2016-10-07	2017-02-09	2024-04-18	485 B	27 kB	78.46.22.25
dhl-gohelp-dev.metadeploy.com	unknown	2013-04-29	2020-04-17	2024-03-07	492 B	650 kB	20.218.253.191
assets.dpdhl-brands.com	unknown	2018-10-31	2022-02-21	2024-03-07	523 B	203 kB	13.107.213.53
www.dhl.com	40018	1989-05-25	2012-07-02	2024-04-13	470 B	1.4 kB	96.6.17.154
pro.fontawesome.com	5887	2012-10-18	2018-03-17	2024-04-19	492 B	157 kB	104.18.40.68
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-19	459 B	3.4 kB	104.17.24.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	dhlzollkundel.sviluppo.host/kudnel-paket/cc.php	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	dhlzollkundel.sviluppo.host/kudnel-paket/js/html5shiv.min.js	2.7 kB	2023-03-07	2024-05-03
Pretty URL dhlzollkundel.sviluppo.host/kudnel-paket/js/html5shiv.min.js IP 149.62.187.250 ASN #47242 Host SpA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:04 Last Seen2024-05-03 03:38:14 Times Seen662 Hash 40bd440d29b3a9371b0c63fec41ee64f e790c26449c57de298923c686cb3434d1d461a1d dc9cbf19b48bae0d28f72e59e67d6ec34ab1644087ec2e8e42954180d1586b48 Loading...

	dhlzollkundel.sviluppo.host/kudnel-paket/js/respond.min.js	4.6 kB	2023-03-07	2024-05-03
Pretty URL dhlzollkundel.sviluppo.host/kudnel-paket/js/respond.min.js IP 149.62.187.250 ASN #47242 Host SpA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:04 Last Seen2024-05-03 03:38:14 Times Seen351 Hash 78915bb8b3dd6696d3842d82ed48b104 504cce482567765d63843d7b9d00c4195109c449 1944a255577a8ed66ae984c6f6356281ff6f29dc84a2af6f1facf258c7dab62e Loading...

	dhlzollkundel.sviluppo.host/kudnel-paket/js/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-05-03
Pretty URL dhlzollkundel.sviluppo.host/kudnel-paket/js/jquery-3.5.1.min.js IP 149.62.187.250 ASN #47242 Host SpA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-03 13:54:16 Times Seen141114 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	dhlzollkundel.sviluppo.host/kudnel-paket/js/bootstrap.min.js	62 kB	2023-03-07	2024-05-03
Pretty URL dhlzollkundel.sviluppo.host/kudnel-paket/js/bootstrap.min.js IP 149.62.187.250 ASN #47242 Host SpA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-05-03 03:38:14 Times Seen653 Hash cabc5d07dec4c381f521bbcd41c009db ca329d086682a4d75b5528d326a66a6d3fffab13 2909d4fa86cf09191e768576e1a6eab7f2635a2627549c45d29595ffac9c0da9 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js	8.5 kB	2023-03-07	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-30 20:08:29 Times Seen2942 Hash ae3f52c2166f5c09f5f3ceeda2c15f01 7d5b0613ee02bc0f39f546443f338c806634c5f6 6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37 Loading...

	dhlzollkundel.sviluppo.host/kudnel-paket/cc.php	176 B	2023-03-11	2024-04-23
Pretty URL dhlzollkundel.sviluppo.host/kudnel-paket/cc.php IP 149.62.187.250 ASN #47242 Host SpA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 11:24:47 Last Seen2024-04-23 02:03:59 Times Seen23 Hash 5c8c2884a07ed5f1e757a08bb897f501 3a15219f9fd425806260f32ad97d68b74676ed16 e7f6597d2d20faf6ae96078ec9489989575d99471463584da46c0a9d24bda10e Loading...

HTTP Transactions (19)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js

104.17.24.14

200 OK

2.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (8392)
Size
2.4 kB (2420 bytes)
Hash
ae3f52c2166f5c09f5f3ceeda2c15f01
7d5b0613ee02bc0f39f546443f338c806634c5f6
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37

HTTP Headers

GET /ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Apr 2024 02:02:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 2420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-210b"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1334675
expires: Thu, 10 Apr 2025 02:02:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XoxSLz9ZCutbRBQcTyphFP2Fx1cVVQWCwmBOFrsvAsxmvhtrMgemfFMUqlP9wppOqQqzhnRZ05E%2BZJqdBoF7DH9CjhzmETP9wiY5cgNeE90HWGfO6dlJ1XZf8opHAXHdmO8demFb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87718cd3fea656c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dhlzollkundel.sviluppo.host/kudnel-paket/css/bootstrap.css

149.62.187.250

200 OK

22 kB

URL GET HTTP/3
dhlzollkundel.sviluppo.host/kudnel-paket/css/bootstrap.css
IP
149.62.187.250:443
ASN
#47242 Host SpA

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type
Unicode text, UTF-8 text, with very long lines (560)
Size
22 kB (21812 bytes)
Hash
052dfc723bbdf659b1528e37b1472301
a06f1b5340a4dceaa9a8e044d0248ab48fcb7e17
0c159070e198b7ed2a9162d6c9751f5914ff62803914d8512d60b1f5ffde4334

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /kudnel-paket/css/bootstrap.css HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 27 Apr 2024 02:02:04 GMT
content-type: text/css
last-modified: Mon, 07 Dec 2020 14:50:12 GMT
etag: "2f1f7-5fce4124-de41a2cad28186ee;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21812
date: Sat, 20 Apr 2024 02:02:04 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

dhlzollkundel.sviluppo.host/kudnel-paket/css/test.css

149.62.187.250

200 OK

710 B

URL GET HTTP/3
dhlzollkundel.sviluppo.host/kudnel-paket/css/test.css
IP
149.62.187.250:443
ASN
#47242 Host SpA

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type
ASCII text, with CRLF line terminators
Size
710 B (710 bytes)
Hash
60591785204e90f8c7bfbf587a239d5a
f4e73fcf4c451019e326e361a2cb30e2b497ab8d
2d6f82521b4bcb57d4540c0f344e8e313a7fee355a4d219fefcf0505db04b460

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /kudnel-paket/css/test.css HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 27 Apr 2024 02:02:04 GMT
content-type: text/css
last-modified: Sun, 07 Aug 2022 14:20:20 GMT
etag: "7cc-62efca24-1ef6892dac302762;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 710
date: Sat, 20 Apr 2024 02:02:04 GMT
server: LiteSpeed

dhlzollkundel.sviluppo.host/kudnel-paket/js/html5shiv.min.js

149.62.187.250

200 OK

1.2 kB

URL GET HTTP/3
dhlzollkundel.sviluppo.host/kudnel-paket/js/html5shiv.min.js
IP
149.62.187.250:443
ASN
#47242 Host SpA

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type
JavaScript source, ASCII text, with very long lines (2639)
Size
1.2 kB (1200 bytes)
Hash
40bd440d29b3a9371b0c63fec41ee64f
e790c26449c57de298923c686cb3434d1d461a1d
dc9cbf19b48bae0d28f72e59e67d6ec34ab1644087ec2e8e42954180d1586b48

HTTP Headers

GET /kudnel-paket/js/html5shiv.min.js HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 27 Apr 2024 02:02:04 GMT
content-type: application/javascript
last-modified: Mon, 21 Aug 2017 20:37:38 GMT
etag: "aaa-599b4492-425ad526d6da0625;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1200
date: Sat, 20 Apr 2024 02:02:04 GMT
server: LiteSpeed

dhlzollkundel.sviluppo.host/kudnel-paket/js/respond.min.js

149.62.187.250

200 OK

2.0 kB

URL GET HTTP/3
dhlzollkundel.sviluppo.host/kudnel-paket/js/respond.min.js
IP
149.62.187.250:443
ASN
#47242 Host SpA

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type
JavaScript source, ASCII text, with very long lines (4453)
Size
2.0 kB (2037 bytes)
Hash
78915bb8b3dd6696d3842d82ed48b104
504cce482567765d63843d7b9d00c4195109c449
1944a255577a8ed66ae984c6f6356281ff6f29dc84a2af6f1facf258c7dab62e

HTTP Headers

GET /kudnel-paket/js/respond.min.js HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 27 Apr 2024 02:02:04 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2017 04:50:18 GMT
etag: "11f1-588ad18a-54b2fe5fb3b3caa;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2037
date: Sat, 20 Apr 2024 02:02:04 GMT
server: LiteSpeed

dhlzollkundel.sviluppo.host/kudnel-paket/image/dhl-logo.svg

149.62.187.250

200 OK

648 B

URL GET HTTP/3
dhlzollkundel.sviluppo.host/kudnel-paket/image/dhl-logo.svg
IP
149.62.187.250:443
ASN
#47242 Host SpA

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type
SVG Scalable Vector Graphics image
Size
648 B (648 bytes)
Hash
3fecc9db35d5d2a9e6e71ab4b02d22e5
628ba2f505b480097445aaf08649a08242bd6847
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /kudnel-paket/image/dhl-logo.svg HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 27 Apr 2024 02:02:04 GMT
content-type: image/svg+xml
last-modified: Sun, 07 Aug 2022 13:19:58 GMT
etag: "643-62efbbfe-d4cc4787e5c65b74;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 648
date: Sat, 20 Apr 2024 02:02:04 GMT
server: LiteSpeed

dhlzollkundel.sviluppo.host/kudnel-paket/image/card.png

149.62.187.250

200 OK

4.6 kB

URL GET HTTP/3
dhlzollkundel.sviluppo.host/kudnel-paket/image/card.png
IP
149.62.187.250:443
ASN
#47242 Host SpA

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type
PNG image data, 249 x 42, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4557 bytes)
Hash
f02f8bc18e7580c1e491d0009537f878
74d7035cfc31406b1fed699501dd68892ce38faf
8b69fb0ee936f66308c49a4ee93c7d24ceb0f974f9b29f42edb137e8cd6ebc6d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /kudnel-paket/image/card.png HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 27 Apr 2024 02:02:04 GMT
content-type: image/png
last-modified: Wed, 06 Oct 2021 01:09:24 GMT
etag: "11cd-615cf744-d9dc6304899ed89f;;;"
accept-ranges: bytes
content-length: 4557
date: Sat, 20 Apr 2024 02:02:04 GMT
server: LiteSpeed
vary: User-Agent

dhlzollkundel.sviluppo.host/kudnel-paket/image/media.png

149.62.187.250

200 OK

1.6 kB

URL GET HTTP/3
dhlzollkundel.sviluppo.host/kudnel-paket/image/media.png
IP
149.62.187.250:443
ASN
#47242 Host SpA

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type
PNG image data, 68 x 19, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1566 bytes)
Hash
a41afa7db420a45ee73680b53e34d0c6
74790de0d9a731dcabdcf95856a82e7ae7853759
2a032fa265ae439e56a80e3d76f47ac554380de3bfc817a857924d7ea48e1626

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /kudnel-paket/image/media.png HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 27 Apr 2024 02:02:04 GMT
content-type: image/png
last-modified: Mon, 04 Oct 2021 22:56:34 GMT
etag: "61e-615b86a2-ee64adfe26186961;;;"
accept-ranges: bytes
content-length: 1566
date: Sat, 20 Apr 2024 02:02:04 GMT
server: LiteSpeed
vary: User-Agent

dhlzollkundel.sviluppo.host/kudnel-paket/js/jquery-3.5.1.min.js

149.62.187.250

200 OK

30 kB

URL GET HTTP/3
dhlzollkundel.sviluppo.host/kudnel-paket/js/jquery-3.5.1.min.js
IP
149.62.187.250:443
ASN
#47242 Host SpA

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30280 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /kudnel-paket/js/jquery-3.5.1.min.js HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 27 Apr 2024 02:02:04 GMT
content-type: application/javascript
last-modified: Mon, 23 Nov 2020 23:18:24 GMT
etag: "15d84-5fbc4340-1712b1121c52ed58;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30280
date: Sat, 20 Apr 2024 02:02:04 GMT
server: LiteSpeed

dhlzollkundel.sviluppo.host/kudnel-paket/js/bootstrap.min.js

149.62.187.250

200 OK

15 kB

URL GET HTTP/3
dhlzollkundel.sviluppo.host/kudnel-paket/js/bootstrap.min.js
IP
149.62.187.250:443
ASN
#47242 Host SpA

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type
JavaScript source, ASCII text, with very long lines (62126)
Size
15 kB (15376 bytes)
Hash
cabc5d07dec4c381f521bbcd41c009db
ca329d086682a4d75b5528d326a66a6d3fffab13
2909d4fa86cf09191e768576e1a6eab7f2635a2627549c45d29595ffac9c0da9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /kudnel-paket/js/bootstrap.min.js HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 27 Apr 2024 02:02:04 GMT
content-type: application/javascript
last-modified: Mon, 07 Dec 2020 14:50:12 GMT
etag: "f3cb-5fce4124-310999e38bfc0137;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 15376
date: Sat, 20 Apr 2024 02:02:04 GMT
server: LiteSpeed

i.ibb.co/prKZWG0/dhl-logo-png-699118.png

162.19.58.157

200 OK

21 kB

URL GET HTTP/2
i.ibb.co/prKZWG0/dhl-logo-png-699118.png
IP
162.19.58.157:443
ASN
#16276 OVH SAS

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint47:33:B4:39:55:FC:BC:18:08:79:9C:6C:9D:F3:CF:3A:89:C4:99:62
ValidityWed, 07 Feb 2024 12:41:56 GMT - Tue, 07 May 2024 12:41:55 GMT

File type
PNG image data, 505 x 225, 8-bit/color RGBA, non-interlaced
Size
21 kB (21412 bytes)
Hash
832e617b4837837a399db4553d3b9006
375a6e2a12d4d202409eca97fc58ec523db71ba9
6a84361e901540d66f66e867e36d88efac9125ed99b82f5c5f932d7695bcf077

HTTP Headers

GET /prKZWG0/dhl-logo-png-699118.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 02:02:04 GMT
content-type: image/png
content-length: 21412
last-modified: Tue, 16 Aug 2022 11:47:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

dhlzollkundel.sviluppo.host/kudnel-paket/image/1.png

149.62.187.250

200 OK

221 kB

URL GET HTTP/3
dhlzollkundel.sviluppo.host/kudnel-paket/image/1.png
IP
149.62.187.250:443
ASN
#47242 Host SpA

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1872x1053, components 3
Size
221 kB (220731 bytes)
Hash
24ddcbeb05a42af090fafea38b435782
085360849618a90051493da894074c5e642a7c98
b0e586ba9223e2743207a4fa5c991de6059df2938a91d12a545fb02af133cae5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /kudnel-paket/image/1.png HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 27 Apr 2024 02:02:04 GMT
content-type: image/png
last-modified: Tue, 02 Aug 2022 11:23:26 GMT
etag: "35e3b-62e9092e-c5e50b2aa04be515;;;"
accept-ranges: bytes
content-length: 220731
date: Sat, 20 Apr 2024 02:02:04 GMT
server: LiteSpeed
vary: User-Agent

dhlzollkundel.sviluppo.host/kudnel-paket/css/paper.gif

149.62.187.250

404 Not Found

1.2 kB

URL GET HTTP/3
dhlzollkundel.sviluppo.host/kudnel-paket/css/paper.gif
IP
149.62.187.250:443
ASN
#47242 Host SpA

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /kudnel-paket/css/paper.gif HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/kudnel-paket/css/test.css
Cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 20 Apr 2024 02:02:04 GMT
server: LiteSpeed
vary: User-Agent

www.freepnglogos.com/uploads/dhl-png-logo/dhl-simply-delivered-png-logo-11.png

78.46.22.25

200 OK

27 kB

URL GET HTTP/2
www.freepnglogos.com/uploads/dhl-png-logo/dhl-simply-delivered-png-logo-11.png
IP
78.46.22.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectfreepnglogos.com
Fingerprint58:80:0B:38:10:AC:0D:46:99:F2:1E:50:E5:2A:A1:8C:62:D0:D2:39
ValidityTue, 12 Mar 2024 22:31:19 GMT - Mon, 10 Jun 2024 22:31:18 GMT

File type
PNG image data, 945 x 210, 8-bit/color RGBA, non-interlaced
Size
27 kB (26707 bytes)
Hash
10f9bf7206173d6246bd0a73ae5e607f
4f3e10ff4f9d1b37fbdf54aa1a234b0791aaaa07
f7af590e280092c9e8b0889c8161e4ce8928806acac4bee08a729320d1a2a63d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /uploads/dhl-png-logo/dhl-simply-delivered-png-logo-11.png HTTP/1.1
Host: www.freepnglogos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 20 Apr 2024 02:02:04 GMT
content-type: image/png
content-length: 26707
last-modified: Sat, 20 Aug 2022 14:09:55 GMT
etag: "6300eb33-6853"
cache-control: no-cache, must-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2

dhl-gohelp-dev.metadeploy.com/csr/en/static/media/infographic_background.ce90cb56.png

20.218.253.191

200 OK

649 kB

URL GET HTTP/1.1
dhl-gohelp-dev.metadeploy.com/csr/en/static/media/infographic_background.ce90cb56.png
IP
20.218.253.191:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerLet's Encrypt
Subjectdhl-gohelp-dev.metadeploy.com
Fingerprint99:BF:AB:30:54:D8:15:CD:5F:94:D4:0C:F9:73:57:E6:91:37:C0:81
ValiditySun, 07 Apr 2024 15:38:51 GMT - Sat, 06 Jul 2024 15:38:50 GMT

File type
PNG image data, 1921 x 1001, 8-bit/color RGB, non-interlaced
Size
649 kB (649398 bytes)
Hash
398ff0e7085f7afb18c980df9d81b567
b3fe40a482db97a0415fd90bed6b69a14a8ee46b
2ae38bdc63d4bb54b8c15c1235759efff80dfe1add25efa6b6425724e5ded5dc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /csr/en/static/media/infographic_background.ce90cb56.png HTTP/1.1
Host: dhl-gohelp-dev.metadeploy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 Apr 2024 02:02:05 GMT
Server: 
Strict-Transport-Security: max-age=63072000
Last-Modified: Sat, 20 Mar 2021 13:09:03 GMT
Accept-Ranges: bytes
Content-Length: 649398
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: all
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: enforce, max-age=21600
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/png

assets.dpdhl-brands.com/guides/dhl/guides/design-basics/key-visuals/dhl-key-visuals-main-key-visuals-dhl-express.jpg

13.107.213.53

200 OK

202 kB

URL GET HTTP/2
assets.dpdhl-brands.com/guides/dhl/guides/design-basics/key-visuals/dhl-key-visuals-main-key-visuals-dhl-express.jpg
IP
13.107.213.53:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerDigiCert Inc
Subjectassets.dpdhl-brands.com
FingerprintF9:C8:02:F5:B9:34:6F:4C:4D:6E:9F:BF:E6:E1:9D:19:56:07:A7:0D
ValidityThu, 07 Dec 2023 00:00:00 GMT - Sat, 07 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 2048x1025, components 3
Size
202 kB (202108 bytes)
Hash
af26d0df965a6346554d42cf201a214c
20ff9389f2097240e34be44220ace88fa0153a74
88cf308d80641d9db46360b2a30c090601e118245d6b22c83f19c8be576fac2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /guides/dhl/guides/design-basics/key-visuals/dhl-key-visuals-main-key-visuals-dhl-express.jpg HTTP/1.1
Host: assets.dpdhl-brands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Apr 2024 02:02:05 GMT
content-type: image/jpeg
content-length: 202108
last-modified: Sat, 06 May 2023 08:41:05 GMT
x-rgw-object-type: Normal
etag: "af26d0df965a6346554d42cf201a214c"
x-amz-meta-s3cmd-attrs: atime:1683283440/ctime:1683283060/gid:20/gname:staff/md5:af26d0df965a6346554d42cf201a214c/mode:33188/mtime:1683283060/uid:501/uname:cstockinger
x-amz-request-id: tx0000019d1830cac9fe4e4-006623221d-f3d33cf8-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
x-azure-ref: 20240420T020204Z-16c4f695cc5knmkg80umz0nt7g00000000m0000000002q1t
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/favicon.ico

96.6.17.154

325 B

URL GET
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/favicon.ico
IP
96.6.17.154:0
ASN
#16625 AKAMAI-AS

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
325 B (325 bytes)
Hash
d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/favicon.ico HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 21 Mar 2024 17:35:32 GMT
etag: W/"47e-6142f225b1fb0-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 325
content-type: image/vnd.microsoft.icon
expires: Sat, 27 Apr 2024 02:02:05 GMT
date: Sat, 20 Apr 2024 02:02:05 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

pro.fontawesome.com/releases/v5.10.0/css/all.css

104.18.40.68

200 OK

156 kB

URL GET HTTP/2
pro.fontawesome.com/releases/v5.10.0/css/all.css
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65393)
Size
156 kB (156228 bytes)
Hash
aa1272633e7e552395d147a499bad186
ddbccb0011dd4868a013b1dcbdb836b7213eb41d
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

HTTP Headers

GET /releases/v5.10.0/css/all.css HTTP/1.1
Host: pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dhlzollkundel.sviluppo.host
DNT: 1
Connection: keep-alive
Referer: https://dhlzollkundel.sviluppo.host/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Apr 2024 02:02:04 GMT
content-type: text/css
x-amz-id-2: Htdiw56U+ntqaC5JOncvdr6SuigFzwVnEl94wOEz2cERFEt7TAd+G3xPiGwbhomcpF/fKxzC16JdnVC/OiDITQ==
x-amz-request-id: 7A3KPWKDANY62TCB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 16:54:32 GMT
etag: W/"aa1272633e7e552395d147a499bad186"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 166522
server: cloudflare
cf-ray: 87718cd3dca8b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

dhlzollkundel.sviluppo.host/kudnel-paket/cc.php

149.62.187.250

200 OK

10 kB

URL User Request GET HTTP/2
dhlzollkundel.sviluppo.host/kudnel-paket/cc.php
IP
149.62.187.250:443
ASN
#47242 Host SpA

Certificate
IssuerLet's Encrypt
Subjectdhlzollkundel.sviluppo.host
FingerprintE1:5D:DE:07:98:5A:AC:AB:32:55:84:D2:90:C3:38:DA:48:28:AA:9D
ValiditySat, 30 Mar 2024 00:08:57 GMT - Fri, 28 Jun 2024 00:08:56 GMT

File type

Size
10 kB (10188 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /kudnel-paket/cc.php HTTP/1.1
Host: dhlzollkundel.sviluppo.host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 02:02:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=47bb526038945218b15d15115e7bf64c; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: br
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP