Report - dhl.lboaw.top/mx

Report Overview

Visited public
2025-07-16 00:00:21
Tags
dhl logistics phishing darcula
Submit Tags
URL
dhl.lboaw.top/mx
Finishing URL
dhl.lboaw.top/mx
IP / ASN
172.67.155.73
#13335 CLOUDFLARENET
Title
Rastreo - DHL - México
Phishing - DHL
Phishing - Darcula Phishing Kit

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dhl.lboaw.top	unknown	2025-07-15	2025-07-16	2025-07-16	21 kB	3.2 MB	172.67.155.73

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	dhl.lboaw.top/assets/CommonLayout.vue_vue_type_script_setup_true_lang-200cf8b5.js	ImportedModule	356 B	2025-07-04	2025-07-17
Pretty URL dhl.lboaw.top/assets/CommonLayout.vue_vue_type_script_setup_true_lang-200cf8b5.js IP 172.67.155.73 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-07-04 20:19 Last Seen2025-07-17 21:40 Times Seen14 Hash 78e1264d762d9a4851ea274f2983b163 4a8c464ec3b3f6b91e597bcd20c1bfc4eee339fb 4db8bfb348010e883a2f8a026397ca189e09495e7092327248dc002f97663659 Loading...

	dhl.lboaw.top/assets/HomeView-0511f9d2.js	ScriptElement	63 kB	2025-07-04	2025-07-17
Pretty URL dhl.lboaw.top/assets/HomeView-0511f9d2.js IP 172.67.155.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-04 20:19 Last Seen2025-07-17 21:40 Times Seen14 Hash 61ce8db89734a4fda9c1df9feb0229ef 338a3a21ea49e46c81cf709f7cc583b6ee1d8ac1 7d13b7322fd5670bb63fa1462c7783b18abac173bfa7c87080f3b2df18f590f0 Loading...

	dhl.lboaw.top/mx	ScriptElement	1.0 kB	2025-03-28	2025-07-17
Pretty URL dhl.lboaw.top/mx IP 172.67.155.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-28 05:19 Last Seen2025-07-17 21:40 Times Seen615 Hash 1721c4ad9c3ece090db7c40c6760ab50 3b5700ee650c570c339b9b6361ccf3b22c985394 0cfbd5300363e488a85c4af1a29dc18759dbb15658762f8f603ddb3fc66eed5a Loading...

	dhl.lboaw.top/mx	ScriptElement	2.9 kB	2025-03-28	2025-07-17
Pretty URL dhl.lboaw.top/mx IP 172.67.155.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-28 05:19 Last Seen2025-07-17 21:40 Times Seen560 Hash c9856413e32fd91a4aedae103e4e03c8 f2e718cc34c3eb5272d549f55634245412bb4e99 98f59aa28b02ebaf99e8d94fcdd97128c9d329efd3ff9e7d2188d7ebe3550d85 Loading...

	dhl.lboaw.top/assets/index-1b0b3cf4.js	ScriptElement	401 kB	2025-07-04	2025-07-17
Pretty URL dhl.lboaw.top/assets/index-1b0b3cf4.js IP 172.67.155.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-04 20:19 Last Seen2025-07-17 21:40 Times Seen14 Hash 4bd1e6186d374944c10723f2ede1bd1a b3c4891f8c310fcf720f8ebd993dd57ed21606a6 30257188b1d141501215d982e47088b73098bfe676ce8970877b2df40760b530 Loading...

	dhl.lboaw.top/assets/IndexView-f811afe3.js	ScriptElement	456 B	2025-07-04	2025-07-17
Pretty URL dhl.lboaw.top/assets/IndexView-f811afe3.js IP 172.67.155.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-04 20:19 Last Seen2025-07-17 21:40 Times Seen14 Hash 2fd0d0f7617f41577f049fab4495fe5c 83c2cdcb1b49a0cc872a131198eb82f37fb99928 4f3ebf97f903bb28cc5d6834a4eab3dd7e985d1317608e3e69928d4c0745e048 Loading...

HTTP Transactions (41)

URL IP Response Size

GET dhl.lboaw.top/assets/index-1b0b3cf4.js

172.67.155.73

200 OK

401 kB

URL GET
dhl.lboaw.top/assets/index-1b0b3cf4.js
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (34029)
Size
401 kB (400873 bytes)
Hash
4bd1e6186d374944c10723f2ede1bd1a
b3c4891f8c310fcf720f8ebd993dd57ed21606a6
30257188b1d141501215d982e47088b73098bfe676ce8970877b2df40760b530

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/index-1b0b3cf4.js HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 16 Jul 2025 00:00:00 GMT
content-type: text/javascript; charset=utf-8
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XuD%2BHgypO80%2Frb%2BwqaRQLoZ638fRfDmA9d0761q4t%2B837GhXmdeJPcCGGvLOovjAGTR8xbo3jI7gNsBiRrk4PtM%2FsYtoMzivmoWY"}]}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
content-encoding: br
server: cloudflare
cf-ray: 95fd377d8ac0b4f4-OSL
X-Firefox-Spdy: h2

GET dhl.lboaw.top/assets/IndexView-f811afe3.js

172.67.155.73

200 OK

456 B

URL GET
dhl.lboaw.top/assets/IndexView-f811afe3.js
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
Java source, ASCII text, with very long lines (455)
Size
456 B (456 bytes)
Hash
2fd0d0f7617f41577f049fab4495fe5c
83c2cdcb1b49a0cc872a131198eb82f37fb99928
4f3ebf97f903bb28cc5d6834a4eab3dd7e985d1317608e3e69928d4c0745e048

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/IndexView-f811afe3.js HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/assets/index-1b0b3cf4.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: text/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HLgRXVLTTllGf5IgEbjl3PO0TzW%2Fbfq8dBTrcnWoWQ9gnee3%2FlcSlVD3TWbxDERryoZ4%2FmmwUdmqg8EijgxFpvZXUV25tCfFNDgDhJ8XfdDLAL7qu4uhxIKRfdTknc%2Fn"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 95fd378cd9c156ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=596&min_rtt=0&rtt_var=739&sent=539&recv=745&lost=0&retrans=0&sent_bytes=60076&recv_bytes=43206&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=2734&inflight_dur=122&x=40"

GET dhl.lboaw.top/assets/CommonLayout.vue_vue_type_script_setup_true_lang-200cf8b5.js

172.67.155.73

200 OK

356 B

URL GET
dhl.lboaw.top/assets/CommonLayout.vue_vue_type_script_setup_true_lang-200cf8b5.js
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
Java source, ASCII text, with very long lines (355)
Size
356 B (356 bytes)
Hash
78e1264d762d9a4851ea274f2983b163
4a8c464ec3b3f6b91e597bcd20c1bfc4eee339fb
4db8bfb348010e883a2f8a026397ca189e09495e7092327248dc002f97663659

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/CommonLayout.vue_vue_type_script_setup_true_lang-200cf8b5.js HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dhl.lboaw.top/mx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:05 GMT
content-type: text/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hR0nG2%2BbMuQbwEYDnfYl115iCpxaiI2QbLKxTzcbMqfueKldTeXW0ZeudyYkhkMRBu5%2BM75cewU%2BCTMBuP%2BSqpvWBey%2Fb5Wcy9F6opx%2BYAIqxLzlmul1i%2Bwig9L4%2BVf6"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd379bba2956ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=944&min_rtt=0&rtt_var=274&sent=902&recv=823&lost=1&retrans=1&sent_bytes=487622&recv_bytes=48197&delivery_rate=22174391&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=26933&unsent_bytes=0&cid=bcf334505dbb08f9&ts=5902&inflight_dur=252&x=40"

GET dhl.lboaw.top/assets/HomeView-0511f9d2.js

172.67.155.73

200 OK

63 kB

URL GET
dhl.lboaw.top/assets/HomeView-0511f9d2.js
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (56837)
Size
63 kB (63032 bytes)
Hash
61ce8db89734a4fda9c1df9feb0229ef
338a3a21ea49e46c81cf709f7cc583b6ee1d8ac1
7d13b7322fd5670bb63fa1462c7783b18abac173bfa7c87080f3b2df18f590f0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/HomeView-0511f9d2.js HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dhl.lboaw.top/mx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:05 GMT
content-type: text/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjANcUjAQx8SxF8SpyFQQICDm10hq1EQ1fWOVfEu76KbnPG4ZiyCRPRUMBnhTarlZhS0qj%2Flfr%2Flbsglpsw3vM5SumEGZ9PuUtcTtOK2kurmEVXyucBK5waGEo%2FZ%2BsL7"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd379bba2856ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=894&min_rtt=0&rtt_var=231&sent=896&recv=822&lost=1&retrans=1&sent_bytes=482545&recv_bytes=48152&delivery_rate=22174391&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=26933&unsent_bytes=0&cid=bcf334505dbb08f9&ts=5895&inflight_dur=249&x=40"

GET dhl.lboaw.top/mex_post_dhl/content/experience-fragments/dhl/es-mx-mexican/core/primary_navigation/flyouts/ship_desktop/standard_dgf_exp_ship_desktop/sme_hub_standard_dgf_exp_ship_desktop/_jcr_content/root/container/container/teaser_copy_copy_cop.coreimg.svg/1743083428460/glo-core-gogreen-warehousing.svg

172.67.155.73

200 OK

350 B

URL GET
dhl.lboaw.top/mex_post_dhl/content/experience-fragments/dhl/es-mx-mexican/core/primary_navigation/flyouts/ship_desktop/standard_dgf_exp_ship_desktop/sme_hub_standard_dgf_exp_ship_desktop/_jcr_content/root/container/container/teaser_copy_copy_cop.coreimg.svg/1743083428460/glo-core-gogreen-warehousing.svg
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
SVG Scalable Vector Graphics image
Size
350 B (350 bytes)
Hash
8da5b9475e8ca8003c914252dd02daee
5e111db8e09f8f22433cf8d0c53d67fdfd1c4abc
685ef6a7fa4b012c32cf17ca60911f2aa5f491656ed16463bc341a0dd9ec97fb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/content/experience-fragments/dhl/es-mx-mexican/core/primary_navigation/flyouts/ship_desktop/standard_dgf_exp_ship_desktop/sme_hub_standard_dgf_exp_ship_desktop/_jcr_content/root/container/container/teaser_copy_copy_cop.coreimg.svg/1743083428460/glo-core-gogreen-warehousing.svg HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awI9FmQTH8zVb1vuhejLBeaV4roevfRC9VR0BO%2F2Tq%2BIFbqM7Pgxkc8gXGSk8I69linO31NTnVnUg9g0xcEyi8WNwJ0DndiLA8q5Dpa8o3l2SCkZBFryYD36ZlLSAR6f"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd37a3ea6556ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1705&min_rtt=0&rtt_var=914&sent=987&recv=853&lost=1&retrans=2&sent_bytes=564071&recv_bytes=54768&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7173&inflight_dur=321&x=40"

GET dhl.lboaw.top/assets/IndexView-f811afe3.js

172.67.155.73

200 OK

456 B

URL GET
dhl.lboaw.top/assets/IndexView-f811afe3.js
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
Java source, ASCII text, with very long lines (455)
Size
456 B (456 bytes)
Hash
2fd0d0f7617f41577f049fab4495fe5c
83c2cdcb1b49a0cc872a131198eb82f37fb99928
4f3ebf97f903bb28cc5d6834a4eab3dd7e985d1317608e3e69928d4c0745e048

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/IndexView-f811afe3.js HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dhl.lboaw.top/mx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:01 GMT
content-type: text/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GKB13jo2AYtkurdBNAXgtOCF8lN1xWGalU8%2BVbMwJF6WgpORBA1bYexOCBao6jVMRRnBapGetzwRVXcigAkb3A6ZS%2Bm7KIoOAfvvYdo6AJ5ul92r%2FEac7k%2BebslDnqRn"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd3787899056ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=975&min_rtt=455&rtt_var=289&sent=503&recv=722&lost=0&retrans=0&sent_bytes=32012&recv_bytes=38812&delivery_rate=575548&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=2064&inflight_dur=62&x=40"

GET dhl.lboaw.top/mex_post_dhl/161.png

172.67.155.73

200 OK

1.2 kB

URL GET
dhl.lboaw.top/mex_post_dhl/161.png
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/161.png HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: image/png
content-length: 1150
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uELnYlZ235AHuAdCmejrqbo9AEgFLXjc%2FnZjkDvBtvmbnZ40DY15UyEe34I9L2mhzAdP6xQ5%2F6jqgVDHbScTdDY07l%2BnXQEKA1hDVTtFHB%2B64SGASmoQYb2KrIspBpYF"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd378a099b56ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=QUIC&rtt=639&min_rtt=0&rtt_var=641&sent=541&recv=746&lost=0&retrans=0&sent_bytes=61114&recv_bytes=43250&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=3047&inflight_dur=124&x=40"

GET dhl.lboaw.top/mex_post_dhl/etc.clientlibs/dhl/clientlibs/clientlib-core.min.css

172.67.155.73

200 OK

29 B

URL GET
dhl.lboaw.top/mex_post_dhl/etc.clientlibs/dhl/clientlibs/clientlib-core.min.css
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
b104a4a85c21511ada13e2c6e7552d37
475c6eb572d41f86d612ef9d8d64c2cd9ae95980
34a8d4f240f1b7a01d0472d5367e1bc57e17f70a12a91aae37dcac3b33b24732

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/etc.clientlibs/dhl/clientlibs/clientlib-core.min.css HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: text/css; charset=utf-8
content-length: 29
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N9dvJPypWHKvSaGw%2Bd4hDE35SQ%2BmkBgzoZE7S5L53Oot%2BtAQQ9xhXA9tSSdX2M7jgg7518db9cEuD5%2BshA88q5k9B%2BoJAxwcvk0PbgbhqVtxJdk5t6c9v3EBsyhfHfF8"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd378c99ba56ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=QUIC&rtt=717&min_rtt=0&rtt_var=257&sent=559&recv=751&lost=0&retrans=0&sent_bytes=79530&recv_bytes=43472&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=3428&inflight_dur=132&x=40"

GET dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle-utapi-logic.a46cee02d0fa4b316f19113a99375f8c.css

172.67.155.73

200 OK

48 kB

URL GET
dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle-utapi-logic.a46cee02d0fa4b316f19113a99375f8c.css
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
ASCII text, with very long lines (47840), with no line terminators
Size
48 kB (47840 bytes)
Hash
9f4184b6a19888be3c965fe90c84ff5e
ffbf1720773c79a275dce4a2a76f1a8e15c10cad
87d3e58d5fd38a7e7bcc294702f8cbe7e8e3c8c128864ac225429815f8581fcf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle-utapi-logic.a46cee02d0fa4b316f19113a99375f8c.css HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tn%2B4hXRK9rt1Z1vz8gYACPta67xLWIioQuf9CzOVpgsbsMcetqhCOJqj4tRc3hTGxTlnb%2FGxybSH3Etf2IhAueUzeofPkJzW6WyjY%2BV6hFUv1cMsi85gvWZd1VKbZTwf"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd378c99bd56ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=736&min_rtt=0&rtt_var=241&sent=566&recv=753&lost=0&retrans=0&sent_bytes=86880&recv_bytes=43561&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=3465&inflight_dur=147&x=40"

GET dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/linkedIn-new.svg

172.67.155.73

200 OK

1.1 kB

URL GET
dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/linkedIn-new.svg
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1054 bytes)
Hash
2fff9adf3097c217f1849b01babba2fb
7e8144a89322cb04e7fbcc57817f802423cadb9b
86a4a9a96396b1de82e1616e6c1c62a2185f808328816c40e2abb03c37c4e965

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/content/dam/dhl/global/core/images/logos/linkedIn-new.svg HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1f5UJaakYoZ9yhzm2QsKU%2FUdQ34vw9XObGXAx4fimh4XHU0dJyHG6A%2Bhi7WLlAifK%2BdNMPC5Fgn%2B%2B55Cg9epFUT5OBKbGcKQm3VaG79d5poynXtiCXTJMWVUtrLpK1AO"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd37a40a6d56ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1622&min_rtt=0&rtt_var=693&sent=996&recv=857&lost=1&retrans=2&sent_bytes=569099&recv_bytes=54947&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7222&inflight_dur=353&x=40"

GET dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/instagram-new.svg

172.67.155.73

200 OK

3.5 kB

URL GET
dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/instagram-new.svg
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
SVG Scalable Vector Graphics image
Size
3.5 kB (3485 bytes)
Hash
3acb3282b220833f708c5a9be810bcf2
fd26e6ea27a510af8b14da5f5fc8510cf0794e06
f27026fef42b128c001a2c722d427044a148b50fc90c55f898c4447838580237

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/content/dam/dhl/global/core/images/logos/instagram-new.svg HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVRcLHL%2Bf16ITcgR4U%2FWPYICSWNfy84u%2Bg2CjW0GiM%2F5qN2EDfIyVlX86C8W9T68foKUXB44Vv32wX%2B%2BIVjeMuL1D3SHJM7vcEbeLdDCyjrj4y%2FQ9QWKWBZYzglIq1f5"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd37a40a6c56ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1666&min_rtt=0&rtt_var=764&sent=991&recv=854&lost=1&retrans=2&sent_bytes=565992&recv_bytes=54813&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7191&inflight_dur=332&x=40"

GET dhl.lboaw.top/mex_post_dhl/assets/87c40e39KEh3i.woff

172.67.155.73

404 Not Found

9 B

URL GET
dhl.lboaw.top/mex_post_dhl/assets/87c40e39KEh3i.woff
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/assets/87c40e39KEh3i.woff HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/assets/index-7da512f6.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pHGthZg5CV1tDfUKQg5AiIQpP45aJMxLMjfKQvh1kjwOx6haBxWSzB4tCaBYhuMHFcWSSFcqON9vCanEfYUC%2F5H18IOBvzvctBUO4jQC3ZeQT9ElZRhPfQegie4URvO%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
trace-id: 15f55f843f92521842d6ca5ddc679163
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd37a44a7456ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1533&min_rtt=0&rtt_var=532&sent=1003&recv=859&lost=1&retrans=2&sent_bytes=574016&recv_bytes=55037&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7255&inflight_dur=369&x=40"

GET dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle.a46cee02d0fa4b316f19113a99375f8c.css

172.67.155.73

200 OK

783 kB

URL GET
dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle.a46cee02d0fa4b316f19113a99375f8c.css
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
783 kB (783018 bytes)
Hash
7ecb9d11f467393d99f379dd7255bd3f
fb0301181a3333a542630b4a1284ec00fc396043
a9d17b6b0a62562e409a2625f379ea693acfea117a37effcb8b720069d7cb464

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle.a46cee02d0fa4b316f19113a99375f8c.css HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rn114v2jRXFWqoSLY1lh5pxgac6g6RW5dJmtjDlNte6YMI0qk%2Fb5Z6vJv1YFqXm5vWyMxnO%2Fkos1x69y9tNCPvnoQ1biAKcfyKs0YBoUNO4a%2FMVci5vNv9nr%2BzfUJIrT"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd378c59b156ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=693&min_rtt=0&rtt_var=278&sent=556&recv=750&lost=0&retrans=0&sent_bytes=76552&recv_bytes=43428&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=3426&inflight_dur=130&x=40"

GET dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-15a7ed37f53bdda49a82.woff2

172.67.155.73

200 OK

46 kB

URL GET
dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-15a7ed37f53bdda49a82.woff2
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46480, version 2.-32768
Size
46 kB (46480 bytes)
Hash
405ee55d59cc72b33dfca356007d158a
5b3fdb0fbee3db06bd5e51375afb72b3769a8273
c666a3ea59aeb107899f70d6f80cd1c5397be3a04ad70a2766f5cee3bdb266a9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-15a7ed37f53bdda49a82.woff2 HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dhl.lboaw.top/mx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: font/woff2
content-length: 46480
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qob66Bu7GFIVeZrhFp1IdWhokAvroIe6U1fufqCLnqgI6XmedB%2Fa8FbxMrByjp%2FTLaxrfQAPVv2gQVSTGNe7McakjQ5pw5fl4V5sRU0oHn98EDHbj3GntOW%2B3QFtK0Wl"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd378c69b256ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=QUIC&rtt=673&min_rtt=0&rtt_var=441&sent=547&recv=748&lost=0&retrans=0&sent_bytes=66131&recv_bytes=43340&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=3395&inflight_dur=127&x=40"

GET wss://dhl.lboaw.top/ws?token=daca00e918fb62b7fc84031018943f0eab178cf31b1a960ad2172a84bd573a362a740e642f66aa6faf4fad769861da7b5490f037a2a9e78212ba91d6a6ed0e0e11202142a9

172.67.155.73

101 Switching Protocols

0 B

URL GET
wss://dhl.lboaw.top/ws?token=daca00e918fb62b7fc84031018943f0eab178cf31b1a960ad2172a84bd573a362a740e642f66aa6faf4fad769861da7b5490f037a2a9e78212ba91d6a6ed0e0e11202142a9
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /ws?token=daca00e918fb62b7fc84031018943f0eab178cf31b1a960ad2172a84bd573a362a740e642f66aa6faf4fad769861da7b5490f037a2a9e78212ba91d6a6ed0e0e11202142a9 HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://dhl.lboaw.top
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +FXpbAmLhRSvwdMvFTeouw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Wed, 16 Jul 2025 00:00:03 GMT
Connection: upgrade
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Alt-Svc: h3=":443"; ma=86400
Sec-WebSocket-Accept: iDbaDVWXHsC8nuLAbt9dEYqVfjg=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover
Upgrade: websocket
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BcOyYGO5wUzOIURyOFmPoQf%2F3w3D%2F9JEZmggH2MZXkra54br5XOcqZvG6EqQnc40HCB%2BXGh2sgpHO6RP8%2B1YVPqsLNQox8qlnqg6v199Rq2OErcWzydeQ9L8kLkJoSW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 95fd378f7a6c569c-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=464&min_rtt=433&rtt_var=141&sent=5&recv=8&lost=0&retrans=0&sent_bytes=3109&recv_bytes=1301&delivery_rate=8059369&cwnd=252&unsent_bytes=0&cid=df1b589e34f30107&ts=805&x=0"

GET dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/dhl-logo.svg

172.67.155.73

200 OK

962 B

URL GET
dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/dhl-logo.svg
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
SVG Scalable Vector Graphics image
Size
962 B (962 bytes)
Hash
532ab610b8d23e1a76fe835ea38d3f64
bb8143056f80f377663a6c2f760e2ba5cd8ba7b9
328777be6ed92ae88755009a974a1283abf795957a3df244576ed70f5de4e9c3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/content/dam/dhl/global/core/images/logos/dhl-logo.svg HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pf3xKH0oK9z6F2qHwCslYxIeg9CssNIVRVSxvmjjSEP4uUtXmWEaHvyUN5%2BaSTQ5JfydfM0i9zPZBrW6unv8t3O5psauq8fXaefxloKvfkOZ5BY8RTtN8ub5TPKkPcQE"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd37a3ca6256ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1551&min_rtt=0&rtt_var=662&sent=998&recv=858&lost=1&retrans=2&sent_bytes=570339&recv_bytes=54992&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7224&inflight_dur=354&x=40"

GET dhl.lboaw.top/mex_post_dhl/assets/4335b993KEh3i.woff

172.67.155.73

404 Not Found

9 B

URL GET
dhl.lboaw.top/mex_post_dhl/assets/4335b993KEh3i.woff
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/assets/4335b993KEh3i.woff HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/assets/index-7da512f6.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 16 Jul 2025 00:00:05 GMT
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6PeqPRFiXbv5c0DeO39gFartr3w90uywVeYGJzRsNPdoHoI5aniVfdDMRpLpUih%2F3PTy%2B6VDnSvQz3WMlKvekubQ6%2Fzn4hztFtcN7OVwS%2B62sPiRECr9wTkue2x2iSij"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
trace-id: 418a855f3f92521834d6ca5d838a6d0a
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd37a42a6f56ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1078&min_rtt=0&rtt_var=231&sent=973&recv=847&lost=1&retrans=1&sent_bytes=549570&recv_bytes=54106&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=6646&inflight_dur=267&x=40"

GET dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-8e6d0b88b797ac15af11.woff2

172.67.155.73

200 OK

57 kB

URL GET
dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-8e6d0b88b797ac15af11.woff2
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 56732, version 1.0
Size
57 kB (56732 bytes)
Hash
77ea2c877b8bd3c7ea095230f825b691
7087e41339158f121b9cc7679df5a11cfe531db2
c49a3ef98bf351800cd626ae989d15ba7125f87a02d7f226beb1125942c886a8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-8e6d0b88b797ac15af11.woff2 HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle.a46cee02d0fa4b316f19113a99375f8c.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: font/woff2
content-length: 56732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vWBrdX%2F3PvsXOvdNjRSW9gQinC4t5LQE1JMwk98hY5Q%2FmM%2FOjBfge1mkS5bpsRkCPVHY77we4U7UA2Knp2YlAgisXsNXcNygsM%2BVZ1MCmvIQktd0xX0JJHDnSFQPwOpp"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd37a75a8656ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=QUIC&rtt=1801&min_rtt=0&rtt_var=964&sent=982&recv=852&lost=1&retrans=2&sent_bytes=558344&recv_bytes=54723&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7159&inflight_dur=319&x=40"

GET dhl.lboaw.top/mex_post_dhl/pages/head.html

172.67.155.73

200 OK

189 kB

URL GET
dhl.lboaw.top/mex_post_dhl/pages/head.html
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (457)
Size
189 kB (188990 bytes)
Hash
c29846ba484ba5993cb99ee00563944f
c07f2f6db321db3df3467bd509bc0117cc935dfe
8957807d471c1c1ecd775fde1fd8949aef5d4f40d0e586d923114a5b5c695ce0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/pages/head.html HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dhl.lboaw.top/mx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:01 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SLOKBvCekFmVVtk%2BThX%2B6Lr2FA7rPep0%2FXW2nkgybCQSC6AWwzypmLUwKaA3icu8o%2BwdDbFU823HzJN%2FbQy%2F07cvunTo9HNVh2IdO3q0fD9zxi0I8wAy6qReYMQGEGpy"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95fd3787798e56ba-OSL
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=975&min_rtt=455&rtt_var=289&sent=504&recv=722&lost=0&retrans=0&sent_bytes=33057&recv_bytes=38812&delivery_rate=575548&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=2069&inflight_dur=62&x=40"

GET dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle-utapi-ui.a46cee02d0fa4b316f19113a99375f8c.css

172.67.155.73

200 OK

32 kB

URL GET
dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle-utapi-ui.a46cee02d0fa4b316f19113a99375f8c.css
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
ASCII text, with very long lines (32159), with no line terminators
Size
32 kB (32159 bytes)
Hash
aa318f240627623933d152048c7cf0c9
7236bebc58c0c1c6834dca257ec8192248866cfc
46eecd832e16e472fc4c27acb72307ef84b9a1ceaccf28b37f09b72c0cfdfa3a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle-utapi-ui.a46cee02d0fa4b316f19113a99375f8c.css HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDfFIg7tL17qoUOB8%2B95UqWoVsR1Iemn7NK9FzkUq7jaouP1JhJhcb7Ql3hz26sq9YPErBi7KjQl9qLp3SBOUzfaA7K6Dtsr8%2Bn1GCetVFKvY3yxB5tgRfbvdmE7FOSm"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd378c99be56ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=717&min_rtt=0&rtt_var=257&sent=560&recv=751&lost=0&retrans=0&sent_bytes=80256&recv_bytes=43472&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=3439&inflight_dur=132&x=40"

GET dhl.lboaw.top/assets/CommonLayout.vue_vue_type_script_setup_true_lang-200cf8b5.js

172.67.155.73

200 OK

356 B

URL GET
dhl.lboaw.top/assets/CommonLayout.vue_vue_type_script_setup_true_lang-200cf8b5.js
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
Java source, ASCII text, with very long lines (355)
Size
356 B (356 bytes)
Hash
78e1264d762d9a4851ea274f2983b163
4a8c464ec3b3f6b91e597bcd20c1bfc4eee339fb
4db8bfb348010e883a2f8a026397ca189e09495e7092327248dc002f97663659

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/CommonLayout.vue_vue_type_script_setup_true_lang-200cf8b5.js HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/assets/HomeView-0511f9d2.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:05 GMT
content-type: text/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azs4jLmn6BevayHU54n5Ju4SMRJOBRSUA7cjngxnGB0KaulH5BDHQly5mRxFSD5o7KBRHcEB%2FZEkuZqXthQKDHmxlnSGX7%2BO3hn2vbNaWbdO8azQ2pqCB8pqO5%2BemWZh"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 95fd37a37a6156ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1040&min_rtt=0&rtt_var=382&sent=948&recv=830&lost=1&retrans=1&sent_bytes=539201&recv_bytes=48772&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=6351&inflight_dur=262&x=40"

GET dhl.lboaw.top/mex_post_dhl/content/experience-fragments/dhl/es-mx-mexican/core/primary_navigation/flyouts/ship_desktop/standard_dgf_exp_ship_desktop/sme_hub_standard_dgf_exp_ship_desktop/_jcr_content/root/container/container/teaser.coreimg.svg/1743083428439/manifest-received-rgb-red.svg

172.67.155.73

200 OK

432 B

URL GET
dhl.lboaw.top/mex_post_dhl/content/experience-fragments/dhl/es-mx-mexican/core/primary_navigation/flyouts/ship_desktop/standard_dgf_exp_ship_desktop/sme_hub_standard_dgf_exp_ship_desktop/_jcr_content/root/container/container/teaser.coreimg.svg/1743083428439/manifest-received-rgb-red.svg
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
SVG Scalable Vector Graphics image
Size
432 B (432 bytes)
Hash
55defb3c31a831b86168aa5f98df985d
8cf87f76ba5c71de6e2c4d57f1ba67b04fc5fe26
354587dbaa872752509e6b18fc13c0d8d53d17b02a6b8e31654e0bca9eb4cfce

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/content/experience-fragments/dhl/es-mx-mexican/core/primary_navigation/flyouts/ship_desktop/standard_dgf_exp_ship_desktop/sme_hub_standard_dgf_exp_ship_desktop/_jcr_content/root/container/container/teaser.coreimg.svg/1743083428439/manifest-received-rgb-red.svg HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HLJHpJr54v0GxNJdcWZCL0izaqFsVL%2BW6EbA1hbFGZjpym9kdec9xJJW2H9RKu%2FA2uOUeUiO6%2B7OXFsRjHqVRBOD9AMsZ6XZmXgHiF50F%2Bat0To9iKEdYMRi799VE6zh"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd37a3da6356ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1666&min_rtt=0&rtt_var=764&sent=988&recv=854&lost=1&retrans=2&sent_bytes=564961&recv_bytes=54813&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7188&inflight_dur=332&x=40"

GET dhl.lboaw.top/assets/IndexView-4f4c357d.css

172.67.155.73

200 OK

508 B

URL GET
dhl.lboaw.top/assets/IndexView-4f4c357d.css
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
ASCII text, with very long lines (507)
Size
508 B (508 bytes)
Hash
9ad5a8a34fbd24169993bd7802b60b11
3461bdc985f343dee74c1380227e84eef7caaa3c
4f4c357dc183add047281009131b05e717f601fbb1f57aa5526691488ee591ec

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/IndexView-4f4c357d.css HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mf8hqRhHf01tYwqumS80zy0SPYsxMTEnUbpGf4j1u0o7VVxmqOtbLfR069r9PxbeFfdIA6PhG%2B%2BibgWgZXCLznYEZFGvbQeAtdkmny%2FF9zpRYl328Qy4qveHujfBuoeI"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd3787898f56ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=416&min_rtt=0&rtt_var=505&sent=535&recv=742&lost=0&retrans=0&sent_bytes=59059&recv_bytes=42595&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=2689&inflight_dur=120&x=40"

POST dhl.lboaw.top/api

172.67.155.73

200 OK

9.8 kB

URL POST
dhl.lboaw.top/api
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
JSON text data
Size
9.8 kB (9769 bytes)
Hash
81bd39045fcf6a7cffb14d532d9ea38c
6b3684abbbff4d91015fade719e296ba78656d0e
95e30bd584d060e811690ffa16c3a8faa17475c82fee615f435b89fe44f362ae

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

POST /api HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2
Origin: https://dhl.lboaw.top
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGOL3Mazn0KVHMyCseMYAJk1nNtrb2XP4p69LTGLzNdtOipqcbDVACDcRAebJxPaPBveRo2kMXpWB88Jcq2FP51dToPQT5KVFuVRjPWzYVaAO0caiHrozy26WjsDgdBr"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
trace-id: 840405813e9252181fd6ca5d00a60594
via: 1.1 Caddy
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95fd378cc9c056ba-OSL
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=682&min_rtt=0&rtt_var=566&sent=543&recv=747&lost=0&retrans=0&sent_bytes=62969&recv_bytes=43295&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=3071&inflight_dur=125&x=40"

GET dhl.lboaw.top/mex_post_dhl/pages/footer.html

172.67.155.73

200 OK

18 kB

URL GET
dhl.lboaw.top/mex_post_dhl/pages/footer.html
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (415)
Size
18 kB (18001 bytes)
Hash
4bdc7a2faaacaa8cb1190bba669a1190
ee409e9f8599658d7fc089f9117d55fc6dce6726
555355bd1a04c8f01d81770720426b05c0bbbdca7fea7623e5073c8b103fe761

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/pages/footer.html HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dhl.lboaw.top/mx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:04 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QNPblI9B2PLcaDMtK9IpYjP0lf3ESZgyQpJyJjnbahB6PZ3JyLZv73RQ9X7%2Bbj67utnS3EPfXdw1x6bkgqfKgz8OSE4ryHN7t%2BY6Nrz3Gwouc4QBHgXYIMKlqWowYImr"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95fd37992a1d56ba-OSL
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=875&min_rtt=0&rtt_var=349&sent=886&recv=816&lost=1&retrans=1&sent_bytes=478390&recv_bytes=46939&delivery_rate=22174391&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=26933&unsent_bytes=0&cid=bcf334505dbb08f9&ts=4888&inflight_dur=246&x=40"

GET dhl.lboaw.top/mex_post_dhl/content/experience-fragments/dhl/es-mx-mexican/core/primary_navigation/flyouts/enterprise_logistics_1871926873/standard_enterprise_desktop/master/_jcr_content/root/container/container_copy/image.coreimg.80.1197.jpeg/1669725273632/workers-in-warehouse-0001.jpeg

172.67.155.73

200 OK

245 kB

URL GET
dhl.lboaw.top/mex_post_dhl/content/experience-fragments/dhl/es-mx-mexican/core/primary_navigation/flyouts/enterprise_logistics_1871926873/standard_enterprise_desktop/master/_jcr_content/root/container/container_copy/image.coreimg.80.1197.jpeg/1669725273632/workers-in-warehouse-0001.jpeg
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1197x897, components 3
Size
245 kB (245046 bytes)
Hash
93b0847c9d1449e1108c53d6b3199e32
bf58ff0242754a7f25d73c36a2c28d80818f71d7
a3ce8540ef8ffb1abc5676b18a3f07725f89bd4bafdf5cce1863fc3c043775bd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/content/experience-fragments/dhl/es-mx-mexican/core/primary_navigation/flyouts/enterprise_logistics_1871926873/standard_enterprise_desktop/master/_jcr_content/root/container/container_copy/image.coreimg.80.1197.jpeg/1669725273632/workers-in-warehouse-0001.jpeg HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: image/jpeg
content-length: 245046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ap5%2Fjc%2F6QzTc9kfrZsI6ICYVlNFvRIYixJRN3iXTJOtfGHF%2FD5VHx%2BXVSNwUIAgP8btY6MmchKoDGmgVieJwRN0td399z3wVPt9%2BQwjroeOjk9%2Bguy%2FFLahpqpxQk5RV"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd37a3ea6756ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=QUIC&rtt=1801&min_rtt=0&rtt_var=1284&sent=978&recv=851&lost=1&retrans=2&sent_bytes=553477&recv_bytes=54679&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7120&inflight_dur=317&x=40"

GET dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/youtube-new.svg

172.67.155.73

200 OK

818 B

URL GET
dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/youtube-new.svg
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
SVG Scalable Vector Graphics image
Size
818 B (818 bytes)
Hash
01c198d73e6a3f7c351b61f860e0fd90
a7bb3ec37dc19e0b8d07aaa272a0de60d7242330
8ab280a31a012ac7c6fb77be3e134d2858d50e3b1d16ffa4b45f35487cadf5bd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/content/dam/dhl/global/core/images/logos/youtube-new.svg HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uCJNh3PwUGwsYgCvG20POQ2L8Q7MnBVDEhDg0VPG%2FVNLvBZ0r9lZe2P5EHh7bCoAf2xdTUQJwD1cnTYohcOLt0gmth9O8vlXu7cnqCstcXwoBkYayUdfKvDq0WEvC1pr"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd37a40a6a56ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1683&min_rtt=0&rtt_var=762&sent=994&recv=856&lost=1&retrans=2&sent_bytes=567996&recv_bytes=54902&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7207&inflight_dur=336&x=40"

GET dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-b8062306a9c370ef50f5.woff2

172.67.155.73

200 OK

43 kB

URL GET
dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-b8062306a9c370ef50f5.woff2
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 43256, version 2.-32768
Size
43 kB (43256 bytes)
Hash
7c78ed94c58cacd1f24bec2dd0724c41
5946e418e8aa97e82d1a221546d3b8548c9686c1
964428f3546449e96f666cacf33cc3fbe9c47f67d6f062697e0e68151aaa1691

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-b8062306a9c370ef50f5.woff2 HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dhl.lboaw.top/mx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: font/woff2
content-length: 43256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2Fd7XG8F3lMYwQbhHN%2Bd2zRHtagjdq6fhO%2BeSJKBU9vD0s1VhnEw1b6cEFgO5l9j3YSMMHzcE04lLmdPLU6Dem%2FVbFiYpkJNSGvHdkj8YmvEFO8r2VV9K956X1c3G8KA"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd378c99b956ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=QUIC&rtt=768&min_rtt=0&rtt_var=244&sent=568&recv=754&lost=0&retrans=0&sent_bytes=88698&recv_bytes=43605&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=3490&inflight_dur=148&x=40"

GET dhl.lboaw.top/assets/HomeView-692f72d6.css

172.67.155.73

200 OK

323 B

URL GET
dhl.lboaw.top/assets/HomeView-692f72d6.css
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
ASCII text, with very long lines (322)
Size
323 B (323 bytes)
Hash
6c7b73519dd56d5aac56d8d268d21da0
4cdb3a43fc14a43a2d55188e492cf31a076b612b
692f72d643e27798ab18c956858c32b236766866df09edc410b15cc6cb7f7dde

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/HomeView-692f72d6.css HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:05 GMT
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LsPcRP3VYpZvcVCTt1KLzeu86sL4JSnZ5F6qPs3Cg%2Bbe0BjhjhwJ8YdSMyAyvZiNg%2FK%2BXP%2FnKHj0Cv2%2FRIUl52ct4KfMiilRHmXBvsuLWoFi3u01oGwsgwsKWifvPl1Y"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd379bba2656ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=880&min_rtt=0&rtt_var=272&sent=893&recv=820&lost=1&retrans=1&sent_bytes=481629&recv_bytes=47835&delivery_rate=22174391&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=26933&unsent_bytes=0&cid=bcf334505dbb08f9&ts=5874&inflight_dur=247&x=40"

GET dhl.lboaw.top/assets/HomeView-0511f9d2.js

172.67.155.73

200 OK

63 kB

URL GET
dhl.lboaw.top/assets/HomeView-0511f9d2.js
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (56837)
Size
63 kB (63032 bytes)
Hash
61ce8db89734a4fda9c1df9feb0229ef
338a3a21ea49e46c81cf709f7cc583b6ee1d8ac1
7d13b7322fd5670bb63fa1462c7783b18abac173bfa7c87080f3b2df18f590f0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/HomeView-0511f9d2.js HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/assets/index-1b0b3cf4.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:05 GMT
content-type: text/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6oTdSV%2FGvvvyqNPqFk2BxL5PJzhGC2q5W%2Fy64dvgjdMxGX8uJfsBo2l26pN9tHMMocIB4NqFpgZiFE1o0SfmNdHvWnoUWRtkVKVsXfN9ibiAcWxFVFTXMMxdOJSnYCr4"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 95fd37a0aa5156ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=894&min_rtt=0&rtt_var=231&sent=899&recv=822&lost=1&retrans=1&sent_bytes=485085&recv_bytes=48152&delivery_rate=22174391&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=26933&unsent_bytes=0&cid=bcf334505dbb08f9&ts=5896&inflight_dur=249&x=40"

GET dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/glo-footer-logo.svg

172.67.155.73

200 OK

3.9 kB

URL GET
dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/glo-footer-logo.svg
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
SVG Scalable Vector Graphics image
Size
3.9 kB (3890 bytes)
Hash
5ccb5ea15c3e242b155a1645fb30d717
7c14c7cd33894f70df1f5ff821cf6dea8e65d3f5
eec352f272b13be3883b6b13674898e718d277a690011c4e6eb1e47189656433

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/content/dam/dhl/global/core/images/logos/glo-footer-logo.svg HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VDnHa9QKPcnLGsrYeGrUd8BE3tcuokOC%2BlSLgj%2BXwPCRemCdh68djc7lZlWWzqoJSZqHnkK3jS%2Fvw9KQNrLTN%2FtR5KbsE%2B4bJZDOeQNVZNrJJ4mFt0Rz6awCiJXYKAeo"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd37a3fa6856ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1379&min_rtt=0&rtt_var=586&sent=976&recv=850&lost=1&retrans=2&sent_bytes=551022&recv_bytes=54634&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7109&inflight_dur=311&x=40"

GET dhl.lboaw.top/mx

172.67.155.73

200 OK

424 B

URL User Request GET
dhl.lboaw.top/mx
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
HTML document, ASCII text
Size
424 B (424 bytes)
Hash
ee93b0315f6ae70278c5fa3cdad3f511
73959be65029e10957f5db89271ddab46fcf217a
477ca88aa9b2ca6ccc428bd162dd29211ea83936884d9d22722644625933ee8d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mx HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 15 Jul 2025 23:59:59 GMT
content-type: text/html; charset=utf-8
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=IgQ8k%2FrCk69Hv44sBl3bRNU0dhDjJG2l38wstICLj3tfqT5F9fLnK3oOGD5PnZWuRBv1yE6x3XcNC0HUEw7O%2BMxOr0bJyGpCVP6e"}]}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
server: cloudflare
cf-ray: 95fd3776febdb4f4-OSL
X-Firefox-Spdy: h2

172.67.155.73

200 OK

228 B

URL GET
dhl.lboaw.top/mex_post_dhl/content/experience-fragments/dhl/es-mx-mexican/core/primary_navigation/flyouts/ship_desktop/standard_dgf_exp_ship_desktop/sme_hub_standard_dgf_exp_ship_desktop/_jcr_content/root/container/container/teaser_copy.coreimg.svg/1743083428451/calendar-rgb-red.svg
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
SVG Scalable Vector Graphics image
Size
228 B (228 bytes)
Hash
0c2615a62d8030fb00e02b0f2b56fde6
ab235b03b5cee209ba8193f883d4ea8861fcdf17
27af7ced5e75433a6dca20e8874ad6d109f268e0572e344a7efb7d98ca3d4fd7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/content/experience-fragments/dhl/es-mx-mexican/core/primary_navigation/flyouts/ship_desktop/standard_dgf_exp_ship_desktop/sme_hub_standard_dgf_exp_ship_desktop/_jcr_content/root/container/container/teaser_copy.coreimg.svg/1743083428451/calendar-rgb-red.svg HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZqQchXnObqGk9uDTuPaDtbbRU3OQn8tvTgiR%2B2Hp%2FJygncECU%2B8rg2BGr5CSNcbG2uPSZVfRLTbeyWuM4wJHcz59zD6dn%2BURejxjHlYqcvpaq3JqOBGZIFypypv8YqJe"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd37a3da6456ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1705&min_rtt=0&rtt_var=914&sent=986&recv=853&lost=1&retrans=2&sent_bytes=563216&recv_bytes=54768&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7168&inflight_dur=321&x=40"

GET dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/facebook-new.svg

172.67.155.73

200 OK

821 B

URL GET
dhl.lboaw.top/mex_post_dhl/content/dam/dhl/global/core/images/logos/facebook-new.svg
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
SVG Scalable Vector Graphics image
Size
821 B (821 bytes)
Hash
79b871b8de76e9e6e4f2f879dac26447
8e60e10b0f2183ca4379d89bc27e4d4d69cfc3ee
1979d99c5483675a8be762b48f46112909e27301c1f549c8cb35a2be5503f72f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/content/dam/dhl/global/core/images/logos/facebook-new.svg HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KyRpzzd0gu1cuuoaQpqeUHhRuDVFj57zEk0mPnnW3sFzXEsCLf6NVZGEMAzou6DDOmWLNww448eJ%2FPaLp4RSp6Bbbuwa23VpR1znZ%2BM8zWOZ0IoLJJIqvS8FnKKfy8zS"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95fd37a40a6b56ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1533&min_rtt=0&rtt_var=532&sent=1001&recv=859&lost=1&retrans=2&sent_bytes=572873&recv_bytes=55037&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7247&inflight_dur=362&x=40"

GET dhl.lboaw.top/mex_post_dhl/assets/19d0bda8KEh3i.woff

172.67.155.73

404 Not Found

9 B

URL GET
dhl.lboaw.top/mex_post_dhl/assets/19d0bda8KEh3i.woff
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/assets/19d0bda8KEh3i.woff HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/assets/index-7da512f6.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IU%2BkkEhxL%2FL2lixbnjxAlBL7%2BF2Tx49rIAEYnVd%2B7TeuGeyh9gUEZ6msXyXAvVnsZSk030zxTsXziScRpJy7oMSqvsTXRzwTHSGxsERNlWTc8cPif03Goy24wUuKHS2%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
trace-id: 2615dd813f9252183fd6ca5dc8bee40e
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd37a43a7056ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1551&min_rtt=0&rtt_var=662&sent=999&recv=858&lost=1&retrans=2&sent_bytes=571449&recv_bytes=54992&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7229&inflight_dur=354&x=40"

GET dhl.lboaw.top/mex_post_dhl/pages/header.html

172.67.155.73

200 OK

160 kB

URL GET
dhl.lboaw.top/mex_post_dhl/pages/header.html
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (775)
Size
160 kB (159902 bytes)
Hash
d07ea2993b5c9b6260b2f6903955180d
9db023910bf1a03cc93a7ed61bd3cc7f8e3ea0f6
17509996609471355034cbf77762dbb56453bac56ad74ed1b84d24faa94d5d96

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/pages/header.html HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dhl.lboaw.top/mx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:03 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PF8qZZauEXpeNm6Q6LAo0nmO6SPOaBZfPhSSeULRht1J1nnxRqVBnQx42Il9Ubys08LTrldbF5bdQaFxKav4tmeq3dtrvmpBj8MbokbK%2Fxpl4Jw7FhfPTib%2F9%2BNCkGGr"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95fd37947a0c56ba-OSL
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=844&min_rtt=0&rtt_var=381&sent=747&recv=797&lost=1&retrans=1&sent_bytes=314929&recv_bytes=45804&delivery_rate=14504167&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22949&unsent_bytes=0&cid=bcf334505dbb08f9&ts=4134&inflight_dur=204&x=40"

GET dhl.lboaw.top/mex_post_dhl/assets/5af5c374KEh3i.woff

172.67.155.73

404 Not Found

9 B

URL GET
dhl.lboaw.top/mex_post_dhl/assets/5af5c374KEh3i.woff
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/assets/5af5c374KEh3i.woff HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/assets/index-7da512f6.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 16 Jul 2025 00:00:06 GMT
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oL4Qq57TDddZl9%2FVuq2cLJEmp3ZDbWY0grKPDv9XxIvXpPMKUGRNkKMVgd67BVQsE4W%2BzHDewZlGKF1jNOto5Q2c5X87slznp296C7y6GZCkt22Q%2F9dCNHFR9ZsTvGte"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
trace-id: 520946823f92521840d6ca5d211a2b51
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd37a42a6e56ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=1533&min_rtt=0&rtt_var=532&sent=1000&recv=859&lost=1&retrans=2&sent_bytes=572162&recv_bytes=55037&delivery_rate=23541018&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=22238&unsent_bytes=0&cid=bcf334505dbb08f9&ts=7240&inflight_dur=362&x=40"

GET dhl.lboaw.top/assets/index-7da512f6.css

172.67.155.73

200 OK

89 kB

URL GET
dhl.lboaw.top/assets/index-7da512f6.css
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
Unicode text, UTF-8 text, with very long lines (65508), with no line terminators
Size
89 kB (88848 bytes)
Hash
344f400a469876b7f052a7707cb1221f
ce18a44a66d6dfb7cac818ef33a23b8c00b3af11
7da512f625ce7ac10c468e38815622599c8bd8d702feb962c7d2c3c3e13687e3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/index-7da512f6.css HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 16 Jul 2025 00:00:00 GMT
content-type: text/css; charset=utf-8
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Ewmqzorm4NNojz1Oj61Sw605rKlReanSvSQ3css4EC3cz2ho0CvntY3lRlcGaUuKaLc6IdLi0rAzWVun8nsHHepYlgeLu0HM3Mjf"}]}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
content-encoding: br
server: cloudflare
cf-ray: 95fd377d8ac1b4f4-OSL
X-Firefox-Spdy: h2

GET dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-2d649dcaa71ff88f7b8a.woff2

172.67.155.73

200 OK

43 kB

URL GET
dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-2d649dcaa71ff88f7b8a.woff2
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 43260, version 2.-32768
Size
43 kB (43260 bytes)
Hash
36d918e6bc92be6200ffd3e9bb90a2bd
bac18583a8873b59bd2e47a1c53c93066408ff9a
5c301198e8f7c1040fda1ca101bf816c07d0838504d8fe94d5e587295be99cfe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-2d649dcaa71ff88f7b8a.woff2 HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dhl.lboaw.top/mx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: font/woff2
content-length: 43260
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8g%2BC7HHExyhSx0WDcEcBHmskA0elbe2rDrSOcJ2IkGn7aFtGegKmUpolIx8zISR%2BpEJ%2FODGq3nS%2FPkzw4rp78C%2B%2Ft%2B2SvhgyZKBR6Y2QWDuI%2BoU%2FfH5ojlUGkQJzRzHn"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd378c69b356ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=QUIC&rtt=755&min_rtt=0&rtt_var=269&sent=562&recv=752&lost=0&retrans=0&sent_bytes=82006&recv_bytes=43517&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=3448&inflight_dur=145&x=40"

GET dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-4bcce82160b8c6f178f0.woff2

172.67.155.73

200 OK

43 kB

URL GET
dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-4bcce82160b8c6f178f0.woff2
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 42636, version 2.-32768
Size
43 kB (42636 bytes)
Hash
86d772f3cb778df5c29f6ff0edb3404c
1f2d53da878b30223ca5ddacd794f39ef1bf9b3e
0ca0bf391d99f806640039855834587d6cbb5fbce16e73c3e415ba4a2aab1eb9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-4bcce82160b8c6f178f0.woff2 HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dhl.lboaw.top/mx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: font/woff2
content-length: 42636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pT0LvQn8F8iudqG%2F0Nn1pfP6BjwmmHYZEzEU7z9eN7SXJTL3vEGA9VT9EpeIHvEubLcwrqg31wLiDr0Az6T22YxXrrR8%2FpJH%2FdFKDqHZpS4i%2FAdHAjUuCFJbtKcL5ScT"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 95fd378c69b456ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=QUIC&rtt=691&min_rtt=0&rtt_var=366&sent=551&recv=749&lost=0&retrans=0&sent_bytes=70994&recv_bytes=43384&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=3415&inflight_dur=129&x=40"

GET dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle.a46cee02d0fa4b316f19113a99375f8c.css

172.67.155.73

200 OK

783 kB

URL GET
dhl.lboaw.top/mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle.a46cee02d0fa4b316f19113a99375f8c.css
IP
172.67.155.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhl.lboaw.top/mx
Certificate
IssuerGoogle Trust Services
Subjectlboaw.top
FingerprintDD:09:12:CA:15:97:A0:52:E8:43:DF:98:48:8B:D0:E6:60:36:D9:F1
ValidityTue, 15 Jul 2025 10:38:04 GMT - Mon, 13 Oct 2025 11:36:30 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
783 kB (783018 bytes)
Hash
7ecb9d11f467393d99f379dd7255bd3f
fb0301181a3333a542630b4a1284ec00fc396043
a9d17b6b0a62562e409a2625f379ea693acfea117a37effcb8b720069d7cb464

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /mex_post_dhl/etc/clientlibs/dhl/clientlib-all/css/bundle.a46cee02d0fa4b316f19113a99375f8c.css HTTP/1.1
Host: dhl.lboaw.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.lboaw.top/mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 16 Jul 2025 00:00:02 GMT
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oApVAa8r1Km1bzffgdgfdS2D5a4exWaD4UBmKhlN%2BC3j9X2JpXTlEfHAv7tJUpNR1PAxROc7XqP1KmscM%2Fv%2BDs56hxeR3ek9ce2edmOF2TFcqXgPnV1jVr7X%2FQkavzQw"}],"group":"cf-nel","max_age":604800}
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Jul 2025 20:20:04 GMT
via: 1.1 Caddy
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 95fd378c99bb56ba-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=693&min_rtt=0&rtt_var=278&sent=555&recv=750&lost=0&retrans=0&sent_bytes=75861&recv_bytes=43428&delivery_rate=7198868&ss_exit_cwnd=14903&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=bcf334505dbb08f9&ts=3425&inflight_dur=130&x=40"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (41)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate