Report - dhl.nl.qas-benelux.edistrada.pl/

Report Overview

Visited public
2023-11-22 14:35:29
Tags
URL
dhl.nl.qas-benelux.edistrada.pl/
Finishing URL
dhl.nl.qas-benelux.edistrada.pl/#/
IP / ASN
91.206.38.179
#20889 All for One sp. z o.o.
Title
Inloggen DHL eCommerce Billing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dhl.nl.qas-benelux.edistrada.pl	unknown	2011-09-15	2023-08-31 11:57:23	2023-11-22 06:18:51	16 kB	2.6 MB	91.206.38.179

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.
2023-11-22	medium	dhl.nl.qas-benelux.edistrada.pl/	DHL Airways, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (33)

	URL	From	Size	First Seen	Last Seen
	unknown	Function	200 B	2023-04-12	2025-05-10
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 20:29 Last Seen2025-05-10 23:55 Times Seen26177 Hash 9de07c8eabd04438b83a70e2ba52adf8 6d2814a8920daec08e35dc866cb489839c843aae a5374d23ef28fe0abf6eeef45f323781ada2bb3b7e784d98330807423bbe10b1 Loading...

	unknown	Function	522 B	2023-04-13	2025-05-10
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 19:08 Last Seen2025-05-10 23:55 Times Seen5055 Hash b90e591ca99fe4edd3358e16eebdb00d bccd71b709a47bbc7062f168a49d286650ad9263 1590b16e655f5bb4dd2e4c4ee8eab12563f967a2240bde212dffc15f59427879 Loading...

	unknown	Function	604 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 94df9320e5ac35b22daa375e52433721 9b066bc9ae34b039c13e88632c0eed171d3cb27d e89e730b2c3137289b4d9906b493c01a7c81cf71df3c04480ebc22f8023bf2b6 Loading...

	unknown	Function	546 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen65 Hash 89878e8651fabb8b143d01bcb052d9bd 6ebc58863528886cc23f44bda7429bd04fba893c 7987a45df7d2090726dbfd72900a6e6fa77d648ecca45758374c0fbdd267445d Loading...

	unknown	Function	680 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 9ca1428f7578f607c8658c37c150e8f5 93ca8867e94e0c229812fea4e8262ba27efa0bea ffff6732608f89ffe00d798af475fb91463e27c893392f293340e2096ed4ee62 Loading...

	unknown	Function	706 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 512bf611f594d9ec6766db92c6f47c59 5e08f1143fc80f39db1b328d1021b08f603f3820 bcc864f1745c1bad5b90035761e285a19cd123400e2258bd49c188822847add4 Loading...

	unknown	Function	514 B	2023-04-12	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 20:29 Last Seen2025-05-09 08:31 Times Seen7000 Hash a261e60d27380922927eb2b2803e496a 69dd6dcce7863b6741553f145074ceb9e90760eb 3a96c9ffcfcc900ed3681cda02ace5270d253fa9c0b0736d6941b5791864f763 Loading...

	unknown	Function	538 B	2023-04-19	2025-04-02
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-04-02 04:12 Times Seen89 Hash bc7d1495dfd5e822fb398f8a8fff1fdc 88056ab83a3bc418a20111ff8d188dbab3270cb7 6eca170f6ae56b3d694c4ef0d5d2bbbd9492561475ce2fb74df961c7fc111a65 Loading...

	unknown	Function	26 B	2023-04-11	2025-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:13 Last Seen2025-05-11 14:16 Times Seen127480 Hash 1c862db5f2555377c2dc1e62ed7b3981 c29e6dc25c08a70995127ec13ded6f80d9a36174 27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac Loading...

	unknown	Function	612 B	2024-08-20	2024-08-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-20 18:19 Last Seen2024-08-20 18:19 Times Seen1 Hash c2832ba82171f61e0b0ae231e9823fa5 f1dd526ef98132bd3d99e102065d8007962a5770 cafa6d3175feb41f9fe888fdf1be177ab861266a36310ae8b6c05513ba918e4a Loading...

	unknown	Function	522 B	2023-04-13	2025-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 19:08 Last Seen2025-05-05 17:36 Times Seen113 Hash 0ba5c40224f8fb1325b8e8f583d7daf4 e4c017d1b2dc1d32f4f27a062ce826aa604e355b 7001544d74c15f2ab276d9682d97a9925b509d84a62a406967844b29ffbf94fc Loading...

	unknown	Function	530 B	2023-04-19	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-05-09 10:07 Times Seen4773 Hash ecea0d276212c6289b1797bcc9d08e2a e6b207336eb78b8ab5fc6e0f02bcc8e70b1b50aa 9bd4f6a4a76020554927a81ce600044aab9ae42a58ef6ed5466cb7cdf4d586a4 Loading...

	unknown	Function	546 B	2023-04-19	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-05-09 10:07 Times Seen4604 Hash 62762f02e8003e198ecbe8787ec24649 93bc972a115930753f3c85347c11ab6cae449e19 340b80607e896658dd4a2267dbfc0075b4027b6a0f4e4d59188197ac3304d4c7 Loading...

	dhl.nl.qas-benelux.edistrada.pl/app/vendor-28a9ccb1c6.js	ScriptElement	1.1 MB	2023-11-22	2023-11-22
Pretty URL dhl.nl.qas-benelux.edistrada.pl/app/vendor-28a9ccb1c6.js IP 91.206.38.179 ASN #20889 All for One sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 15:35 Last Seen2023-11-22 15:35 Times Seen1 Hash 2af476b5af5e71805386d9409e2ff255 f8e8af1b84530d23dec4d20c0e1bfa192f903023 2b6511caf9c47638ff2368fe9fd1a76e6e9f13a5f66458f85903e628c72d00eb Loading...

	unknown	Function	554 B	2023-04-19	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-05-09 08:31 Times Seen4588 Hash 489a42efb1287235decc453fb7d0f794 90d00c593a47fc247cd235fabfe192badb789df8 e5f18b619f696ae58aa6600e61c435a0e9cb3e474ce9e7fee8f2cb5827b7723d Loading...

	unknown	Function	612 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:55 Times Seen20 Hash 717a4555764e91bac242877dbe35d4bd 4174c61cc0458b52e18d93b02a00d5c43b96ff11 89891448bbe848b69f37f030d25d9d53de3ed182e5d631982489c14ad473ff71 Loading...

	unknown	Function	645 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 90604935ca0eef043c52aaef37b428b5 876f6a17e76057c172a86a004b7c2978b1c1ecc1 e605ea26fdb627fbe7c294b057b272d37085dbe7a67756946eaf87508be2b9c1 Loading...

	unknown	Function	536 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 704e07134f69e5a40e384cc2c13c2564 d22d417cf9891857900afa8bce601659be227589 1b8498e7d2ede00a917a62a86432579962913f925082294a484ebe868a0a2267 Loading...

	unknown	Function	837 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 4c3a9353794e76c2ba89f7f0d8afd2d8 cd6236e027258b7820b21f82e43e43324c483029 7e7e95dffc06fc330dfffa4481d68cb7684ba1be4e467d99eb80be2b9532f015 Loading...

	unknown	Function	702 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 1f505ca8a487e6599058c78270694d0a d1f6d57cb773365de4d61b87b731ebd2a0b851f4 5a0528fef57c79fe2232e9009fb0f67d50274ba1f7e1ba2229a12b873d2e21cb Loading...

	unknown	Function	801 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 5912b38019a8765d0ba13ea8f4505d5c 9c04cf0368eb0fc04efb8ce5f4133e73f872a3a6 4676b37ef6738a159a70269a96e6210c9f5156f7f6de192362a29d3428e0ea35 Loading...

	unknown	Function	669 B	2024-08-20	2024-08-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-20 18:19 Last Seen2024-08-20 18:19 Times Seen1 Hash 6f85c1bc21e818a2d3d8a7b7b758bfb5 9d04a7e6568ce095cef2c889f06a41c0c839f2d6 0673c99586b8194db4c16807394e7afe1e1053dc2887e1db9ab6df3df787dfe0 Loading...

	unknown	Function	612 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:55 Times Seen19 Hash 33e0f52d74bc5b5673f7a55ebb39d11d 4d82084bf8524aaa5547d4e49b569330665d41bc b74dff117da71b3196a19e2b59811498501ae8db9a0687ddfb48bd8787f101f1 Loading...

	dhl.nl.qas-benelux.edistrada.pl/app/app-7e85fe47d8.js	ScriptElement	444 kB	2023-11-22	2023-11-22
Pretty URL dhl.nl.qas-benelux.edistrada.pl/app/app-7e85fe47d8.js IP 91.206.38.179 ASN #20889 All for One sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 15:35 Last Seen2023-11-22 15:35 Times Seen1 Hash 68aaf5aaea958c5b0332366acaf11c4d 3dd18926ff2b6610a9bdc8ea5f3d3ca9beb1a1b7 7c1661293e43df5474532a8d28e0fc817507f7dbad77059dbf40cc6827952c96 Loading...

	unknown	Function	522 B	2023-04-14	2025-05-01
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 18:32 Last Seen2025-05-01 06:48 Times Seen48 Hash 486c9afe05bde1b3d8f3e6fe1b408ec4 9e33b879cbe8850d0e8b4bc315c2730bd3822cdd d64bbcfec4b90e46456d1684f98ea055a3e1b9ca705fe064d319458bcd6aa7a3 Loading...

	dhl.nl.qas-benelux.edistrada.pl/i18n/angular-locale_nl.js	ScriptElement	2.7 kB	2023-11-22	2023-11-22
Pretty URL dhl.nl.qas-benelux.edistrada.pl/i18n/angular-locale_nl.js IP 91.206.38.179 ASN #20889 All for One sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 15:35 Last Seen2023-11-22 15:35 Times Seen1 Hash db3515050838b41dcbef44f12a29bbba 376c5871744cb7b7c2f645288a16fe51134537e7 f6861667160531c16cf701b253670fb9ec9e00558374284bb8ac5bc580380642 Loading...

	unknown	Function	1.5 kB	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 21c9d321459d453127370655d4253957 450325bb127c0ec013e72cb712cf56e8a4545ff3 29ef7e3a1de41888398142345cac14fc1ede03b67e61cc7cfb46f0c584dcb1bd Loading...

	unknown	Function	1.5 kB	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 18a984ff00c1949b1f2f2fca47a62956 6434983d746464527431beb247b9739b051b9faa 3a940895861356768982ea799f2bc1846e0b904d5179a45846cfabfd10ef4b2f Loading...

	unknown	Function	599 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 5f608b5deb0ab41032f22f161b52d3e5 9de47f499430cf3f795885e4bb8ec5e3d8739463 bb6b3b46855851664cc4002c0c69867cd9c1bdddad0ffa1662f7adfd50fd9e8d Loading...

	unknown	Function	561 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash e48809a60619a4af5ee610a430fcf8af ff33384c95899c7d92174487b53a94ad1d9e4806 e110ebee2327ea0e4810ed89cc99aae15ee90937e96ddfd6bfcdb9b861da9ed6 Loading...

	unknown	Function	305 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash a053842059e0a7c4c08ed1d98487cc2d d12e6817ff69bfdb6ab015736e861e8b0384fbe6 06ad60cc0483d1961949105ceaad2d89ba546c8a6f214268ef6936869f8cf3b1 Loading...

	unknown	Function	1.2 kB	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash b8d8c5fef0de5b9410cff1b788981f20 c17d15538279041f67598342151d5fc719c6c5a4 96477e90ce6219ea33e04050a48756d51627cc61b7936d38a59d964a10e1756f Loading...

	unknown	Function	434 B	2023-04-19	2025-03-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 09:33 Last Seen2025-03-20 06:39 Times Seen15 Hash 4743ca38c5f58b3402838e74fb1453ea c0cc0dec70b2ec997dea73f1051ed2aecebce1e8 2cf32b49e0d4c8015af1497d91340a7c88c0c4e3df5209fe337a4078707c4c27 Loading...

HTTP Transactions (26)

URL IP Response Size

dhl.nl.qas-benelux.edistrada.pl/content/css/main-c059a0a9a2.css

91.206.38.179

200 OK

30 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/css/main-c059a0a9a2.css
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
ASCII text, with very long lines (30007)
Size
30 kB (30056 bytes)
Hash
96593f9faf9a92eacd103116662aa1a8
610cb0b31b29e38244c150cc355e9b23f32e471c
22e88dc7672f8eac8d89c091e1f57096f9682b559e9d563f65dc1167264e6fa9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/css/main-c059a0a9a2.css HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:11 GMT
content-type: text/css
content-length: 30056
last-modified: Fri, 20 Oct 2023 16:35:16 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/vendor/vendor-9981f69eeb.css

91.206.38.179

200 OK

498 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/vendor/vendor-9981f69eeb.css
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
ASCII text, with very long lines (63799)
Size
498 kB (497488 bytes)
Hash
19c074afcd600a528a49def384daa36e
93d8bbbb129bed9a96d5cc8fe8592d4f3c8ba7c0
e678b2d2efc3af9e1c9fb81891334a097c06c3cb4a0707971ea2271c250cad95

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/vendor/vendor-9981f69eeb.css HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:11 GMT
content-type: text/css
content-length: 497488
last-modified: Fri, 20 Oct 2023 16:35:16 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/app/app-7e85fe47d8.js

91.206.38.179

200 OK

444 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/app/app-7e85fe47d8.js
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
C source, ASCII text, with very long lines (32005)
Size
444 kB (444198 bytes)
Hash
68aaf5aaea958c5b0332366acaf11c4d
3dd18926ff2b6610a9bdc8ea5f3d3ca9beb1a1b7
7c1661293e43df5474532a8d28e0fc817507f7dbad77059dbf40cc6827952c96

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /app/app-7e85fe47d8.js HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:11 GMT
content-type: application/javascript
content-length: 444198
last-modified: Fri, 20 Oct 2023 16:35:16 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/app/vendor-28a9ccb1c6.js

91.206.38.179

200 OK

1.1 MB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/app/vendor-28a9ccb1c6.js
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
ASCII text, with very long lines (32027)
Size
1.1 MB (1109304 bytes)
Hash
2af476b5af5e71805386d9409e2ff255
f8e8af1b84530d23dec4d20c0e1bfa192f903023
2b6511caf9c47638ff2368fe9fd1a76e6e9f13a5f66458f85903e628c72d00eb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /app/vendor-28a9ccb1c6.js HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:11 GMT
content-type: application/javascript
content-length: 1109304
last-modified: Fri, 20 Oct 2023 16:35:16 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/images/favicon-a6f1af8e79.gif

91.206.38.179

200 OK

2.2 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/images/favicon-a6f1af8e79.gif
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Size
2.2 kB (2238 bytes)
Hash
a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/images/favicon-a6f1af8e79.gif HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: image/gif
content-length: 2238
last-modified: Fri, 20 Oct 2023 16:34:44 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/i18n/angular-locale_nl.js

91.206.38.179

200 OK

2.7 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/i18n/angular-locale_nl.js
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
ASCII text
Size
2.7 kB (2740 bytes)
Hash
db3515050838b41dcbef44f12a29bbba
376c5871744cb7b7c2f645288a16fe51134537e7
f6861667160531c16cf701b253670fb9ec9e00558374284bb8ac5bc580380642

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /i18n/angular-locale_nl.js HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: application/javascript
content-length: 2740
last-modified: Fri, 20 Oct 2023 16:34:40 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/edistrada2/api/language?cacheBuster=1700663714730

91.206.38.179

200 OK

0 B

URL POST HTTP/2
dhl.nl.qas-benelux.edistrada.pl/edistrada2/api/language?cacheBuster=1700663714730
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

POST /edistrada2/api/language?cacheBuster=1700663714730 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
X-Frame-Options: DENY
Content-Type: application/json;charset=utf-8
Authorization: Basic
Content-Length: 2
Origin: https://dhl.nl.qas-benelux.edistrada.pl
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-length: 0
set-cookie: JSESSIONID=CB5B94619054DBD5216A1399BA235F05; Path=/; Secure; HttpOnly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
x-content-security-policy: default-src 'self'
x-webkit-csp: default-src 'self'
server: SNP PROXY 2.0.1a
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/edistrada2/api/session?cacheBuster=1700663714731

91.206.38.179

401 Unauthorized

0 B

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/edistrada2/api/session?cacheBuster=1700663714731
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /edistrada2/api/session?cacheBuster=1700663714731 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
X-Frame-Options: DENY
Authorization: Basic
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 401 Unauthorized
date: Wed, 22 Nov 2023 14:35:12 GMT
content-length: 0
set-cookie: JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310; Path=/; Secure; HttpOnly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
x-content-security-policy: default-src 'self'
x-webkit-csp: default-src 'self'
server: SNP PROXY 2.0.1a
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/i18n/nl/global.json?cacheBuster=1700663714798

91.206.38.179

200 OK

4.2 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/i18n/nl/global.json?cacheBuster=1700663714798
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
JSON data\012- , Unicode text, UTF-8 text
Size
4.2 kB (4153 bytes)
Hash
de3651015805695c7d32b2f265c10c90
a7624e2dee326d71a61751584c36aa5161475f65
d2fbaabba4c30dbc7b1f89d44b1f1bbd3b509bc8f28b20614b870db0532766c1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /i18n/nl/global.json?cacheBuster=1700663714798 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
X-Frame-Options: DENY
Authorization: Basic
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: application/json
content-length: 4153
last-modified: Fri, 20 Oct 2023 16:34:42 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/i18n/nl/login.json?cacheBuster=1700663714798

91.206.38.179

200 OK

1.3 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/i18n/nl/login.json?cacheBuster=1700663714798
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
JSON data\012- , Unicode text, UTF-8 text
Size
1.3 kB (1304 bytes)
Hash
3f9a97f1ad5e3551f1f1aa8527c48adc
34426b04619e6d31f1782a9143be224d7dd86976
a6dfa11da41120e917ee1a3bf2495b1c63366d4adf5ea490f3bf9c944d7939c4

HTTP Headers

GET /i18n/nl/login.json?cacheBuster=1700663714798 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
X-Frame-Options: DENY
Authorization: Basic
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: application/json
content-length: 1304
last-modified: Fri, 20 Oct 2023 16:34:42 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/edistrada2/api/language?cacheBuster=1700663714798

91.206.38.179

200 OK

0 B

URL POST HTTP/2
dhl.nl.qas-benelux.edistrada.pl/edistrada2/api/language?cacheBuster=1700663714798
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

POST /edistrada2/api/language?cacheBuster=1700663714798 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
X-Frame-Options: DENY
Content-Type: application/json;charset=utf-8
Authorization: Basic
Content-Length: 2
Origin: https://dhl.nl.qas-benelux.edistrada.pl
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-length: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
x-content-security-policy: default-src 'self'
x-webkit-csp: default-src 'self'
server: SNP PROXY 2.0.1a
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/edistrada2/api/language?cacheBuster=1700663714870

91.206.38.179

200 OK

0 B

URL POST HTTP/2
dhl.nl.qas-benelux.edistrada.pl/edistrada2/api/language?cacheBuster=1700663714870
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

POST /edistrada2/api/language?cacheBuster=1700663714870 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
X-Frame-Options: DENY
Content-Type: application/json;charset=utf-8
Authorization: Basic
Content-Length: 2
Origin: https://dhl.nl.qas-benelux.edistrada.pl
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-length: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
x-content-security-policy: default-src 'self'
x-webkit-csp: default-src 'self'
server: SNP PROXY 2.0.1a
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/images/DHL_rgb-a4dbdac2f8.png

91.206.38.179

200 OK

44 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/images/DHL_rgb-a4dbdac2f8.png
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
PNG image data, 1988 x 440, 8-bit/color RGBA, non-interlaced\012- data
Size
44 kB (44111 bytes)
Hash
a4dbdac2f804e9fc861a516f167a5f33
126f5c866150a0ad42b9181be23dbb7d4c79f6c8
8765d36c6e243027037dd82ea1d5bd2db642bfdc66097d1750fa3b1fb4b18691

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/images/DHL_rgb-a4dbdac2f8.png HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: image/png
content-length: 44111
last-modified: Fri, 20 Oct 2023 16:34:44 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/images/ignore/flags/en.png

91.206.38.179

200 OK

856 B

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/images/ignore/flags/en.png
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
PNG image data, 32 x 20, 8-bit colormap, non-interlaced\012- data
Size
856 B (856 bytes)
Hash
fc3aa193c311f16e12fa404839484634
85ffac07df0c9b533538b803a6313697c8a32fe5
ca0425d2003db32593f081e41f0fe5c03cb4f1a2dcbd397947cb47ddd3ea1d1d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/images/ignore/flags/en.png HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: image/png
content-length: 856
last-modified: Fri, 20 Oct 2023 16:34:44 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/images/ignore/flags/nl.png

91.206.38.179

200 OK

99 B

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/images/ignore/flags/nl.png
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
PNG image data, 32 x 20, 2-bit colormap, non-interlaced\012- data
Size
99 B (99 bytes)
Hash
f591196ce58662965f749c67976e5578
778eb7c3e80c1c933bccfe4fb159ade13391bf3f
c5834702ae33e27c843278617c38ca1f094e28886ff5c6cd08849458d48b7dbe

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/images/ignore/flags/nl.png HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: image/png
content-length: 99
last-modified: Fri, 20 Oct 2023 16:34:44 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/images/ignore/flags/fr.png

91.206.38.179

200 OK

99 B

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/images/ignore/flags/fr.png
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
PNG image data, 32 x 20, 2-bit colormap, non-interlaced\012- data
Size
99 B (99 bytes)
Hash
c83313884746af6593a2c5316e2ee40b
23ffbfb6e7ee9b0e9d3bc8d875651700aa95adb5
eb8604c2cc9ff6fb296728c716d6894268500bf0119547a1e9efe9c16f8d80c7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/images/ignore/flags/fr.png HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: image/png
content-length: 99
last-modified: Fri, 20 Oct 2023 16:34:44 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/images/ignore/flags/de.png

91.206.38.179

200 OK

99 B

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/images/ignore/flags/de.png
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
PNG image data, 32 x 20, 2-bit colormap, non-interlaced\012- data
Size
99 B (99 bytes)
Hash
ce1c806317987f0d189dd089cc662a35
18373c247ee35cd86074f8a3c7511165a5b222fd
82df55ae8608770bc968b86b406ba8dd5a39bee56ef1a48bc7d93e9919e867f9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/images/ignore/flags/de.png HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: image/png
content-length: 99
last-modified: Fri, 20 Oct 2023 16:34:44 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/fonts/Delivery_W_Bd-7637928007.woff2

91.206.38.179

200 OK

34 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/fonts/Delivery_W_Bd-7637928007.woff2
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33808, version 1.66\012- data
Size
34 kB (33808 bytes)
Hash
7637928007dc8ed18d0c789995aa2af2
421ccda189112cb40cdf3fff8fb20f5f840e3dfc
62cf91563ce604e4d98e2e0e479f636cb95f505eccae77e14da46bc28f8cedfc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/fonts/Delivery_W_Bd-7637928007.woff2 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/content/css/main-c059a0a9a2.css
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: application/octet-stream
content-length: 33808
last-modified: Fri, 20 Oct 2023 16:34:42 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/fonts/Delivery_W_Rg-3bbcc3a3f3.woff2

91.206.38.179

200 OK

34 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/fonts/Delivery_W_Rg-3bbcc3a3f3.woff2
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33604, version 1.66\012- data
Size
34 kB (33603 bytes)
Hash
3bbcc3a3f3979bcd9c2842f97b2c748c
dfcca250f17cc18e127bc780af6309c10baa12de
571e1a3904a7324bd4a06b8d87f474c79f18ada3e25d6f3cba5f5b4179793cda

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/fonts/Delivery_W_Rg-3bbcc3a3f3.woff2 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/content/css/main-c059a0a9a2.css
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: application/octet-stream
content-length: 33603
last-modified: Fri, 20 Oct 2023 16:34:42 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/fonts/fontawesome-webfont-c559fcc74f.woff2?v=4.6.3

91.206.38.179

200 OK

77 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/fonts/fontawesome-webfont-c559fcc74f.woff2?v=4.6.3
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77159 bytes)
Hash
c559fcc74ff2037d8e94e800e98538b6
598c13c9d6b64d3089f4a2a84fb6964cbd5b46c3
9278f630bfea2530b8273089cb8e51aa1048ec25c04efad95dfa3166f460cc5e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/fonts/fontawesome-webfont-c559fcc74f.woff2?v=4.6.3 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/content/css/main-c059a0a9a2.css
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: application/octet-stream
content-length: 77159
last-modified: Fri, 20 Oct 2023 16:34:42 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/fonts/dhlicons-d273de87b9.ttf

91.206.38.179

200 OK

8.0 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/fonts/dhlicons-d273de87b9.ttf
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, dhlicons \012- data
Size
8.0 kB (8032 bytes)
Hash
d273de87b98eed62c9055fc98b418757
8bce2218f15a7a7b305ca1218c4283d709f3db0d
dfc3c6bda2597985c3aa2387d9f2f158969742cee11356698967a98d7d60e7f3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/fonts/dhlicons-d273de87b9.ttf HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/content/css/main-c059a0a9a2.css
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: application/octet-stream
content-length: 8032
last-modified: Fri, 20 Oct 2023 16:34:40 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/fonts/glyphicons-halflings-regular-448c34a56d.woff2

91.206.38.179

200 OK

18 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/fonts/glyphicons-halflings-regular-448c34a56d.woff2
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/fonts/glyphicons-halflings-regular-448c34a56d.woff2 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/content/vendor/vendor-9981f69eeb.css
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: application/octet-stream
content-length: 18028
last-modified: Fri, 20 Oct 2023 16:34:42 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/fonts/Delivery_W_Rg-03f859bf58.woff

91.206.38.179

200 OK

41 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/fonts/Delivery_W_Rg-03f859bf58.woff
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
Web Open Font Format, TrueType, length 41084, version 1.66\012- data
Size
41 kB (41084 bytes)
Hash
03f859bf58e4d37841070de34be7d978
3436d4fa17e7ee470c3d62b08787cfa7de408408
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/fonts/Delivery_W_Rg-03f859bf58.woff HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/content/css/main-c059a0a9a2.css
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: application/octet-stream
content-length: 41084
last-modified: Fri, 20 Oct 2023 16:34:42 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/fonts/fontawesome-webfont-f3652b29b2.woff?v=4.6.3

91.206.38.179

200 OK

98 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/fonts/fontawesome-webfont-f3652b29b2.woff?v=4.6.3
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Size
98 kB (98019 bytes)
Hash
f3652b29b2153ecf20d925efbed9e3cd
c6f61c52e926a7ec4910e0297eeaf4ffd0eae034
56678081f8d20039bddf6eadab2b070b3d343d7014151f9990eb588cb49dad1e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /content/fonts/fontawesome-webfont-f3652b29b2.woff?v=4.6.3 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/content/css/main-c059a0a9a2.css
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: application/octet-stream
content-length: 98019
last-modified: Fri, 20 Oct 2023 16:34:42 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/content/fonts/fontawesome-webfont-b06871f281.ttf?v=4.6.3

91.206.38.179

200 OK

166 kB

URL GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/content/fonts/fontawesome-webfont-b06871f281.ttf?v=4.6.3
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Requested by
https://dhl.nl.qas-benelux.edistrada.pl/
Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
TrueType Font data, 13 tables, 1st "FFTM", 24 names, Macintosh\012- data
Size
166 kB (165548 bytes)
Hash
b06871f281fee6b241d60582ae9369b9
13b1eab65a983c7a73bc7997c479d66943f7c6cb
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

HTTP Headers

GET /content/fonts/fontawesome-webfont-b06871f281.ttf?v=4.6.3 HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl.nl.qas-benelux.edistrada.pl/content/css/main-c059a0a9a2.css
Cookie: NG_TRANSLATE_LANG_KEY=%22nl%22; JSESSIONID=C95960D0A1DEFE05E1FB79F5D2EBA310
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:12 GMT
content-type: application/octet-stream
content-length: 165548
last-modified: Fri, 20 Oct 2023 16:34:42 GMT
accept-ranges: bytes
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

dhl.nl.qas-benelux.edistrada.pl/

91.206.38.179

200 OK

1.2 kB

URL User Request GET HTTP/2
dhl.nl.qas-benelux.edistrada.pl/
IP
91.206.38.179:443
ASN
#20889 All for One sp. z o.o.

Certificate
IssuerLet's Encrypt
Subjectdhl.nl.qas-benelux.edistrada.pl
Fingerprint40:0E:59:21:F4:2D:2E:5D:E6:AA:AC:CD:55:6E:BD:7E:8C:60:36:4B
ValidityTue, 26 Sep 2023 13:41:03 GMT - Mon, 25 Dec 2023 13:41:02 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1243), with no line terminators
Size
1.2 kB (1177 bytes)
Hash
45b3e8734b8106d7bc47851e8ac806d9
577e78355062f673272ae915b410fb6c98eb34f8
cc967f10ff1b46db3dfc2ea9a2e26e1904a664350aa7c353d9d257b42100c37d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET / HTTP/1.1
Host: dhl.nl.qas-benelux.edistrada.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 22 Nov 2023 14:35:11 GMT
content-type: text/html
last-modified: Fri, 20 Oct 2023 16:35:16 GMT
server: SNP PROXY 2.0.1a
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (33)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash