Report - moodle2.cimanti.es

Report Overview

Visited public
2023-12-04 08:49:39
Tags
dhl logistics phishing
URL
moodle2.cimanti.es
Finishing URL
cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
IP / ASN
185.5.124.46
#202207 Aspa Cloud Sl
Title
الخدمات اللوجستية العالمية - الشحن الدولي | صفحة DHL الرئيسية
Phishing - DHL

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
moodle2.cimanti.es	unknown	unknown	No data	No data	485 B	229 B	185.5.124.46
cloud.lacunza.net	unknown	1999-10-22	2023-11-28 20:13:10	2023-12-03 07:39:13	19 kB	253 kB	185.5.125.46
www.dhl.com	40018	1989-05-25	2012-07-02 18:21:37	2023-11-28 19:45:22	3.8 kB	211 kB	96.6.17.154
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2023-12-03 12:57:01	2.0 kB	138 kB	172.64.205.20
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2023-12-03 05:09:04	455 B	12 kB	172.64.147.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	kit.fontawesome.com/2b0499d3bf.js	ScriptElement	12 kB	2023-12-04	2024-08-20
Pretty URL kit.fontawesome.com/2b0499d3bf.js IP 172.64.147.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 09:49 Last Seen2024-08-20 16:50 Times Seen16 Hash 6a26cfe652bf4624be8349f3b9e28d44 37c8e0ee56d8e16d824662ec998da5b860c2dc7b 6cb7278449719ee4d46a944a99b0ce6624f86726839744a136295acca977ee17 Loading...

HTTP Transactions (44)

URL IP Response Size

moodle2.cimanti.es/

185.5.124.46

302 Found

0 B

URL User Request GET HTTP/1.1
moodle2.cimanti.es/
IP
185.5.124.46:443
ASN
#202207 Aspa Cloud Sl

Certificate
IssuerLet's Encrypt
Subjectmoodle2.cimanti.es
Fingerprint9C:D4:AB:EA:A6:0E:A6:0D:00:43:6B:AC:0D:11:17:F4:D3:06:1F:D1
ValiditySat, 02 Dec 2023 18:53:25 GMT - Fri, 01 Mar 2024 18:53:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: moodle2.cimanti.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://cloud.lacunza.net/
X-Powered-By: PHP/8.0.30, PleskLin

cloud.lacunza.net/

185.5.125.46

302 Found

0 B

URL User Request GET HTTP/1.1
cloud.lacunza.net/
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:18 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4; path=/
Location: app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
X-Powered-By: PHP/7.0.33, PleskLin

cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e

185.5.125.46

200 OK

30 kB

URL User Request GET HTTP/1.1
cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1156)
Size
30 kB (30149 bytes)
Hash
292218090fe95c9bc1731a3c66125c51
0934c316902b644d7d9593354f6c775023f02c87
7315ef523435f86e79b80d2bc732bd4f947bc98817289dca7a44fce2afb30251

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:18 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 30149
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.0.33, PleskLin

cloud.lacunza.net/app/styles/bundle.d071057f32870c8e483f9e1082373aab.css

185.5.125.46

200 OK

86 kB

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/bundle.d071057f32870c8e483f9e1082373aab.css
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
ASCII text
Size
86 kB (86052 bytes)
Hash
96e36a6fbf650c9a862935d72b83391b
be0b679b5453e38359e73ed81b2e580bc285c5f4
5e2f78269b1a7f428ec9f3a07f9042d548fe85e2dd413911e2d9798ac04d4c15

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/bundle.d071057f32870c8e483f9e1082373aab.css HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/css
Last-Modified: Thu, 29 Dec 2022 22:20:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ae12c4-c7f9b"
X-Powered-By: PleskLin
Content-Encoding: br

cloud.lacunza.net/app/styles/clientlib-core.min.css

185.5.125.46

200 OK

34 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/clientlib-core.min.css
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
34 B (34 bytes)
Hash
b104a4a85c21511ada13e2c6e7552d37
475c6eb572d41f86d612ef9d8d64c2cd9ae95980
34a8d4f240f1b7a01d0472d5367e1bc57e17f70a12a91aae37dcac3b33b24732

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/clientlib-core.min.css HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Thu, 29 Dec 2022 18:46:12 GMT
ETag: W/"1d-5f0fbe6220500"
X-Powered-By: PleskLin
Content-Encoding: br

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-3e828e80f6e985c352eb.woff

96.6.17.154

200 OK

44 kB

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-3e828e80f6e985c352eb.woff
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
Web Open Font Format, TrueType, length 44260, version 1.66\012- data
Size
44 kB (44219 bytes)
Hash
4a350e02a03ac62e72e9ea575b31ce84
d47b03b96b6e7034a1473a293bb594e597a41dc2
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/default-3e828e80f6e985c352eb.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.lacunza.net/
Origin: https://cloud.lacunza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
last-modified: Thu, 17 Nov 2022 12:35:44 GMT
etag: "ace4-5eda9d3ee5eff-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 44219
content-type: application/font-woff
mpulse_cdn_cache: MISS
mpulse_origin_time: 168
cache-control: public, max-age=31536000
expires: Tue, 03 Dec 2024 08:49:19 GMT
date: Mon, 04 Dec 2023 08:49:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-5a6dd86f272b304a8b83.woff

96.6.17.154

200 OK

41 kB

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-5a6dd86f272b304a8b83.woff
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
Web Open Font Format, TrueType, length 41352, version 1.66\012- data
Size
41 kB (41322 bytes)
Hash
4e23ecf085132857bdb54b4da7373151
a50215c22a591536b21e509100d1707c6886ffd6
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/default-5a6dd86f272b304a8b83.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.lacunza.net/
Origin: https://cloud.lacunza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 27 Apr 2023 18:48:09 GMT
etag: "a188-5fa55cc3a1bf1-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 41322
content-type: application/font-woff
cache-control: public, max-age=31536000
expires: Tue, 03 Dec 2024 08:49:19 GMT
date: Mon, 04 Dec 2023 08:49:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-815fcbb4d2c579017011.woff

96.6.17.154

200 OK

41 kB

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-815fcbb4d2c579017011.woff
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
Web Open Font Format, TrueType, length 41328, version 1.66\012- data
Size
41 kB (41263 bytes)
Hash
e39bd2e2657ce5dd6f9c33df18529233
6db81ebb91bfa67cef8f2f870f03046150568799
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/default-815fcbb4d2c579017011.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.lacunza.net/
Origin: https://cloud.lacunza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 27 Apr 2023 08:32:05 GMT
etag: "a170-5fa4d310c72f5-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 41263
content-type: application/font-woff
cache-control: public, max-age=31536000
expires: Tue, 03 Dec 2024 08:49:19 GMT
date: Mon, 04 Dec 2023 08:49:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff

96.6.17.154

200 OK

35 kB

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
Web Open Font Format, TrueType, length 34820, version 1.0\012- data
Size
35 kB (34679 bytes)
Hash
078665c330eb91354c06e1dd7e3850a5
00c84f76451fe58596a41658e08a55f81ad4ceeb
8b8888bc016e1313438b7a9a1ca18aa288f6098122265fc03e985ca40e82a27c

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.lacunza.net/
Origin: https://cloud.lacunza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 23 Feb 2023 14:50:21 GMT
etag: "8804-5f55f21d3ef1a-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 34679
content-type: application/font-woff
cache-control: public, max-age=31536000
expires: Tue, 03 Dec 2024 08:49:19 GMT
date: Mon, 04 Dec 2023 08:49:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff

96.6.17.154

200 OK

41 kB

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
Web Open Font Format, TrueType, length 41084, version 1.66\012- data
Size
41 kB (41052 bytes)
Hash
03f859bf58e4d37841070de34be7d978
3436d4fa17e7ee470c3d62b08787cfa7de408408
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.lacunza.net/
Origin: https://cloud.lacunza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Wed, 22 Feb 2023 15:31:06 GMT
etag: W/"a07c-5f54b95b3ea21-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 41052
content-type: application/font-woff
cache-control: public, max-age=31536000
expires: Tue, 03 Dec 2024 08:49:19 GMT
date: Mon, 04 Dec 2023 08:49:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

cloud.lacunza.net/app/styles/bundle.d071057f32870c8e483f9e1082373aab.css

185.5.125.46

200 OK

86 kB

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/bundle.d071057f32870c8e483f9e1082373aab.css
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
ASCII text
Size
86 kB (86052 bytes)
Hash
96e36a6fbf650c9a862935d72b83391b
be0b679b5453e38359e73ed81b2e580bc285c5f4
5e2f78269b1a7f428ec9f3a07f9042d548fe85e2dd413911e2d9798ac04d4c15

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/bundle.d071057f32870c8e483f9e1082373aab.css HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/css
Last-Modified: Thu, 29 Dec 2022 22:20:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ae12c4-c7f9b"
X-Powered-By: PleskLin
Content-Encoding: br

cloud.lacunza.net/app/styles/glo-core-tracking-rail.svg

185.5.125.46

200 OK

717 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/glo-core-tracking-rail.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
717 B (717 bytes)
Hash
e42909ccc508772de6cf31619bb50427
bea6a279882ac0077a49f8590766e8d87e914a2e
46098468df2bec8cb50790597de30d089ecd7dcc77432b6a08b9e3ff1a7d7802

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/glo-core-tracking-rail.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade078-549"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/app/styles/facebook-new.svg

185.5.125.46

200 OK

709 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/facebook-new.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (963)
Size
709 B (709 bytes)
Hash
259d8928a7fd5329b3d7fd80eca2ea2f
a6337de5ff5761b39a319cd7ec3f8b10f201d066
43027752f5a04142e6518a4fd8ef54e7e73cfba7820da9c03c1ad38835f04fe2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/facebook-new.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade078-57e"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/app/styles/glo-footer-logo.svg

185.5.125.46

200 OK

3.9 kB

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/glo-footer-logo.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (656)
Size
3.9 kB (3886 bytes)
Hash
d1b0e043744fd642282117a03d308b17
d8abe7a0887b804e516c45a344c542e291a1a84b
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/glo-footer-logo.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade078-2ec0"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-freightshipping.web.175.112.jpg

185.5.125.46

404 Not Found

370 B

URL GET HTTP/1.1
cloud.lacunza.net/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-freightshipping.web.175.112.jpg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
370 B (370 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-freightshipping.web.175.112.jpg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Mar 2021 10:06:23 GMT
ETag: W/"328-5bd3fef8ae5c0"
Content-Encoding: br

cloud.lacunza.net/app/styles/youtube-new.svg

185.5.125.46

200 OK

631 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/youtube-new.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (971)
Size
631 B (631 bytes)
Hash
376247a0b06e705c758fe04978ea9df5
90d50c682c2ea23a9d26926c6eb3d849b7b94661
acd3eaf2b608fb48f9915964c36772b322ad91106508c4490e2a72122db4d347

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/youtube-new.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade078-584"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/app/styles/glo-core-wizard-bulkletters.svg

185.5.125.46

200 OK

634 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/glo-core-wizard-bulkletters.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
634 B (634 bytes)
Hash
2675cbe725f294695cebc4a0aaa74505
79f51edb2edae65bc9247438206c09b13512c2db
7b7e4adb65aa53b1bc731f15511c53d5beb73f187d5c5f35f19ebbfaf0decbbd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/glo-core-wizard-bulkletters.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade078-450"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/app/styles/glo-core-aboutus-contact.svg

185.5.125.46

200 OK

729 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/glo-core-aboutus-contact.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
729 B (729 bytes)
Hash
621d506e5c8a200d25767bc06010fef7
dc39f861f4206a5c2c45072bb1db1090ca022407
597649961adc705bcbffe79a3187ab1c7360a499fe285613490f5aa8e5eb4145

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/glo-core-aboutus-contact.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade078-508"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/app/styles/linkedIn-new.svg

185.5.125.46

200 OK

764 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/linkedIn-new.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1204)
Size
764 B (764 bytes)
Hash
43efff953a2a3baf6a2ef0528f55dc07
b510bc0512da7d96cdf29a0f1e343319095776de
c32f1a0f5b093b6b2c8f5df0bf93856359769ee6bbab40975043cd133711d528

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/linkedIn-new.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade078-66f"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/app/styles/glo-core-tracking-road.svg

185.5.125.46

200 OK

767 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/glo-core-tracking-road.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
767 B (767 bytes)
Hash
0bdb553be0b73b3bf9801e265a5b2934
c7ce06aeb92797d69cc5961328671806d41ab4c5
b5335e0b117f099169020346db0d11cba41d56ff38935733e6987f09bd7ebbf5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/glo-core-tracking-road.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade078-690"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-parcelsdocuments.web.175.112.jpg

185.5.125.46

404 Not Found

370 B

URL GET HTTP/1.1
cloud.lacunza.net/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-parcelsdocuments.web.175.112.jpg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
370 B (370 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-parcelsdocuments.web.175.112.jpg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Mar 2021 10:06:23 GMT
ETag: W/"328-5bd3fef8ae5c0"
Content-Encoding: br

cloud.lacunza.net/app/styles/dhl-logo.svg

185.5.125.46

200 OK

739 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/dhl-logo.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
739 B (739 bytes)
Hash
3fecc9db35d5d2a9e6e71ab4b02d22e5
628ba2f505b480097445aaf08649a08242bd6847
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/dhl-logo.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade076-643"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/app/styles/instagram-new.svg

185.5.125.46

200 OK

1.8 kB

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/instagram-new.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4063)
Size
1.8 kB (1764 bytes)
Hash
056511aeb5282ecaab9fbf10ed2273e5
fc29c2c37c4b4a31ad13e80356371e338aef5894
f01c2e1870fcd75ceca3b4c42c3110cb0aa4b933b562cf3d2c7ddd20ce03c7ee

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/instagram-new.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade078-119c"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/app/styles/glo-core-online.svg

185.5.125.46

200 OK

746 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/glo-core-online.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
746 B (746 bytes)
Hash
3d612e654839ed972b9420e332b03ccc
33137c3f10363632fe66dbe6926ff4b436b25b81
7fb04530877285cb70aba19ab2f3eb8c2fcca66c408ca68715bd58e2dfee2b33

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/glo-core-online.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade076-6e6"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/app/styles/glo-core-getaquote.svg

185.5.125.46

200 OK

502 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/glo-core-getaquote.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
502 B (502 bytes)
Hash
20224ab70f5524996910c3b856cced70
ca9f089140d5a68f6c4446494082df09c08b6e99
33e4d6ea85fcc033bc1d066cc202ae0a5a64dbbba953dce91874e81391d54eef

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/glo-core-getaquote.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Thu, 29 Dec 2022 18:46:14 GMT
ETag: W/"312-5f0fbe6408980"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-solution.web.175.112.jpg

185.5.125.46

404 Not Found

370 B

URL GET HTTP/1.1
cloud.lacunza.net/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-solution.web.175.112.jpg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
370 B (370 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-solution.web.175.112.jpg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Mar 2021 10:06:23 GMT
ETag: W/"328-5bd3fef8ae5c0"
Content-Encoding: br

cloud.lacunza.net/app/styles/glo-home-maketing-stage-tracking.web.785.246.jpg

185.5.125.46

200 OK

22 kB

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/glo-home-maketing-stage-tracking.web.785.246.jpg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 785x245, components 3\012- data
Size
22 kB (21573 bytes)
Hash
f29dd8f4a355ac7ecc27f31f5b2bc887
672a2bf8b63b426332ee8f5af3073780ea6ee7fd
246e2fbe4b6f2217862629219543805f4409db6abcae9d39c6151e62ee015251

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/glo-home-maketing-stage-tracking.web.785.246.jpg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/jpeg
Content-Length: 21573
Last-Modified: Thu, 29 Dec 2022 18:46:14 GMT
Connection: keep-alive
ETag: "63ade076-5445"
X-Powered-By: PleskLin
Accept-Ranges: bytes

cloud.lacunza.net/app/styles/glo-core-tracking-ocean.svg

185.5.125.46

200 OK

670 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/glo-core-tracking-ocean.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
670 B (670 bytes)
Hash
e9d3c7621ba05770696f9427c8f7b79a
9a9f8deab831c26d36a6fbe1a1482f2e6370f6ca
fa27d936d088620b27debb4c2a3da24d27346505d247a56d098ae56e3a2da07a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/glo-core-tracking-ocean.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade078-74c"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/app/styles/glo-core-product-air.svg

185.5.125.46

200 OK

801 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/glo-core-product-air.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
801 B (801 bytes)
Hash
dc5f0040f866c3bae2a6d826e6efc78c
66c1b84358d166588623a5fa2d3bfd9997ec5a8c
0b9219c0bb4070af4eca3f58737b60adf42ed3867bef6fbf9bf935ffa210d02f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/glo-core-product-air.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ade078-5a2"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/app/styles/glo-core-gogreen-warehousing.svg

185.5.125.46

200 OK

468 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/glo-core-gogreen-warehousing.svg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
468 B (468 bytes)
Hash
b35fdccf2d08e3881c190d2619449312
6818f542b225d5cea16f90de6ff82217ee7659a6
bea8a5bcb115d49d5222c79804eeaceadd425c1b36c19396e746749dcc5d9be3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/glo-core-gogreen-warehousing.svg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Thu, 29 Dec 2022 18:46:16 GMT
ETag: W/"2fc-5f0fbe65f0e00"
X-Powered-By: PleskLin
Content-Encoding: gzip

cloud.lacunza.net/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-parcelsdocuments.web.175.112.jpg

185.5.125.46

404 Not Found

370 B

URL GET HTTP/1.1
cloud.lacunza.net/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-parcelsdocuments.web.175.112.jpg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
370 B (370 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-parcelsdocuments.web.175.112.jpg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Mar 2021 10:06:23 GMT
ETag: W/"328-5bd3fef8ae5c0"
Content-Encoding: br

cloud.lacunza.net/app/styles/saved_resource.html

185.5.125.46

404 Not Found

370 B

URL GET HTTP/1.1
cloud.lacunza.net/app/styles/saved_resource.html
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
370 B (370 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/styles/saved_resource.html HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Mar 2021 10:06:23 GMT
ETag: W/"328-5bd3fef8ae5c0"
Content-Encoding: br

cloud.lacunza.net/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-freightshipping.web.175.112.jpg

185.5.125.46

404 Not Found

370 B

URL GET HTTP/1.1
cloud.lacunza.net/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-freightshipping.web.175.112.jpg
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
370 B (370 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-freightshipping.web.175.112.jpg HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Mar 2021 10:06:23 GMT
ETag: W/"328-5bd3fef8ae5c0"
Content-Encoding: br

cloud.lacunza.net/app/assets/fonts/default-274a65bae9742377aaf0.woff

185.5.125.46

404 Not Found

808 B

URL GET HTTP/1.1
cloud.lacunza.net/app/assets/fonts/default-274a65bae9742377aaf0.woff
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
808 B (808 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/assets/fonts/default-274a65bae9742377aaf0.woff HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/styles/bundle.d071057f32870c8e483f9e1082373aab.css
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/html
Content-Length: 808
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Mar 2021 10:06:23 GMT
ETag: "328-5bd3fef8ae5c0"
Accept-Ranges: bytes

cloud.lacunza.net/app/assets/fonts/default-815fcbb4d2c579017011.woff

185.5.125.46

404 Not Found

808 B

URL GET HTTP/1.1
cloud.lacunza.net/app/assets/fonts/default-815fcbb4d2c579017011.woff
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
808 B (808 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/assets/fonts/default-815fcbb4d2c579017011.woff HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/styles/bundle.d071057f32870c8e483f9e1082373aab.css
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/html
Content-Length: 808
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Mar 2021 10:06:23 GMT
ETag: "328-5bd3fef8ae5c0"
Accept-Ranges: bytes

cloud.lacunza.net/app/assets/fonts/default-3e828e80f6e985c352eb.woff

185.5.125.46

404 Not Found

808 B

URL GET HTTP/1.1
cloud.lacunza.net/app/assets/fonts/default-3e828e80f6e985c352eb.woff
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
808 B (808 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/assets/fonts/default-3e828e80f6e985c352eb.woff HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/styles/bundle.d071057f32870c8e483f9e1082373aab.css
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/html
Content-Length: 808
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Mar 2021 10:06:23 GMT
ETag: "328-5bd3fef8ae5c0"
Accept-Ranges: bytes

cloud.lacunza.net/app/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff

185.5.125.46

404 Not Found

808 B

URL GET HTTP/1.1
cloud.lacunza.net/app/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff
IP
185.5.125.46:443
ASN
#202207 Aspa Cloud Sl

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert, Inc.
Subject*.lacunza.net
Fingerprint49:EA:EC:EA:0A:09:EE:8D:AB:EC:A3:8B:F6:6B:F0:5B:25:7C:25:CB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
808 B (808 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /app/assets/fonts/iconfont-da52a17c1b8deb953bfe.woff HTTP/1.1
Host: cloud.lacunza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/app/styles/bundle.d071057f32870c8e483f9e1082373aab.css
Cookie: PHPSESSID=onnqa1e8vbo2lmae84hhtbvso4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 04 Dec 2023 08:49:19 GMT
Content-Type: text/html
Content-Length: 808
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Mar 2021 10:06:23 GMT
ETag: "328-5bd3fef8ae5c0"
Accept-Ranges: bytes

ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=2b0499d3bf

172.64.205.20

200 OK

1.8 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=2b0499d3bf
IP
172.64.205.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT

File type
ASCII text, with very long lines (1560)
Size
1.8 kB (1801 bytes)
Hash
cc84affe95dbdd9726525f57d20b4ea6
8cb9c48fba9752c5f6ee36cc3783aef322643b0c
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be

HTTP Headers

GET /releases/v6.5.1/css/free-v4-font-face.min.css?token=2b0499d3bf HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.lacunza.net/
Origin: https://cloud.lacunza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 08:49:19 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
etag: W/"cc84affe95dbdd9726525f57d20b4ea6"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: X2_OYtBdc91wpeCDK97e1AilLkJe5xuWjPMODrE7V76gZ-49--I6LA==
age: 268912
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSiLlS%2FD41TYuCb0Dnmt4Zyu5VH%2BxAYRiuCTyn400i6PGgsutNEqGAN4aKwVV0vZwkO6KfvM3H0M5PbPPF1DDDVjY8FqZ9A%2Fzyi7j5vSd3HloxO%2Fgj4%2Fy9k3nsFN9ZU%2FCgsk6canTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8302cba248b17798-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/favicon.ico

96.6.17.154

325 B

URL GET
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/favicon.ico
IP
96.6.17.154:0
ASN
#16625 AKAMAI-AS

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
325 B (325 bytes)
Hash
d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/favicon.ico HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 18:45:31 GMT
etag: "47e-609bc9bb4ef14-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 325
content-type: image/vnd.microsoft.icon
expires: Mon, 11 Dec 2023 08:49:19 GMT
date: Mon, 04 Dec 2023 08:49:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=2b0499d3bf

172.64.205.20

200 OK

823 B

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=2b0499d3bf
IP
172.64.205.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT

File type
ASCII text, with very long lines (845), with no line terminators
Size
823 B (823 bytes)
Hash
e6d3783736d2fad2b606057fbb27accf
42a95cbe55b5192414282a64e5f0a106ebd0cfcd
428e4fa90d3cad30b14fe0c63a3a23e6487de4dad755477a33a385844e5a91a7

HTTP Headers

GET /releases/v6.5.1/css/free-v5-font-face.min.css?token=2b0499d3bf HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.lacunza.net/
Origin: https://cloud.lacunza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 08:49:19 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
etag: W/"496965a55b1faa4d5c41073ef276afc0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 90b0c7315c3da3c762112b5b8fdfc0aa.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: Q5MGEbwqqE7IePN9y5Unu9BPnaqN0IA-47Fme1ZsSPalkPcis-HQ9g==
age: 275684
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0tCl27tVHUnSwPwK%2F82D8GdbZI8f6O9ASNlSyVz1uxUULB7VjqF1%2BNA90iTkejl24TGwNxGkC1iRkY5iqdqg8mqvUjpB6ZhgCagA%2BYqdfEY3fekGV2rys9sT%2ByGcQJGPLFWeoz%2B4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8302cba288c87798-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=2b0499d3bf

172.64.205.20

200 OK

28 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=2b0499d3bf
IP
172.64.205.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT

File type
ASCII text, with very long lines (27377)
Size
28 kB (27592 bytes)
Hash
604d6da359831b0dc67e0f522f1ff94d
48b776b939a780fde0270dedf7cc163d25e28bb1
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76

HTTP Headers

GET /releases/v6.5.1/css/free-v4-shims.min.css?token=2b0499d3bf HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.lacunza.net/
Origin: https://cloud.lacunza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 08:49:19 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
etag: W/"604d6da359831b0dc67e0f522f1ff94d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 17a77a72dc1e9981253a822e540e37c2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: djmHQAHTISNG4Qt_F4y5WRUMtxHpVS_4jJp878kDZDUBkxKbUFyFCg==
age: 266506
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEWj%2BkRl2wwLHA7YWZHM8cw0n3iH77m6Ya7WPMQqQX8lgiwvy%2FdyZMKGI7HRLVmSlzynpeBwLeW95bea681KRl63bqyfUx1bqM3zk%2Ff9LPB3Vfbt7aLGIFbT5z4wQc7py3x2sWQGAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8302cba288cc7798-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png

96.6.17.154

200 OK

1.2 kB

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1173 bytes)
Hash
6e5f4e072a2793f9d9cd2a6974d5ccc9
df0d0b28ae71a37dd321d33435c3143a446e2741
148a09a41b13df86b44d2a1f70e2482e5d31fd91ce540a0dbe016011a5fd29b9

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 16:12:33 GMT
etag: "495-609ba78a6a442"
accept-ranges: bytes
content-length: 1173
content-type: image/png
expires: Mon, 11 Dec 2023 08:49:19 GMT
date: Mon, 04 Dec 2023 08:49:19 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=2b0499d3bf

172.64.205.20

200 OK

103 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=2b0499d3bf
IP
172.64.205.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT

File type
ASCII text, with very long lines (65321)
Size
103 kB (103173 bytes)
Hash
edc53d8d44037708e54122b9e30bb2a1
7210b158d88b1e463ba0b08d26835a9fd4e6c57e
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab

HTTP Headers

GET /releases/v6.5.1/css/free.min.css?token=2b0499d3bf HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.lacunza.net/
Origin: https://cloud.lacunza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 08:49:19 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
etag: W/"edc53d8d44037708e54122b9e30bb2a1"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: -h1cflx5phQKbPMm5xBMGmi3PiAcAWEcAs7Kmx6rRQ4cquQ6mxDShg==
age: 275684
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iashTrXdakxEUtxcXqK87fEGgSxQ9K3se9owpEN3SoLvJVVtNmXQAosLDRkEdcrxFbz2jgn%2BmdHU1sAzRtBKZAOQvDnucdSo1VCHDueNMemswgDblunhKqMOdjhSwuybGlDr28vEhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8302cba248af7798-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

kit.fontawesome.com/2b0499d3bf.js

172.64.147.188

200 OK

12 kB

URL GET HTTP/2
kit.fontawesome.com/2b0499d3bf.js
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloud.lacunza.net/app/index.php?userid=ef1de1118138c2ebb63d167fc3f8670e&ue=aaee3bad0b5e236adbbeff6d3bcb1a2e
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (11461)
Size
12 kB (11891 bytes)
Hash
6a26cfe652bf4624be8349f3b9e28d44
37c8e0ee56d8e16d824662ec998da5b860c2dc7b
6cb7278449719ee4d46a944a99b0ce6624f86726839744a136295acca977ee17

HTTP Headers

GET /2b0499d3bf.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloud.lacunza.net
DNT: 1
Connection: keep-alive
Referer: https://cloud.lacunza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 08:49:19 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F5yapT9umGUC-JYLvuVC
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8302cb9e2c725689-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (44)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate