Report - ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php

Report Overview

Submitted URL
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
IP
176.74.24.122
ASN
#38719 Dreamscape Networks Limited
Submitted
2023-12-01 17:38:05
Access
public
Website Title
Global Logistics - International Shipping | DHL Home
Final URL
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Tags
dhl logistics phishing
urlquery detections
Phishing - DHL

Detections

urlquery
29
Network Intrusion Detection
2
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ja2a5kvr.dreamwp.com	unknown	2016-06-23	2023-11-27	2023-11-28	8.3 kB	1.1 MB	176.74.24.122
www.dhl.com	40018	1989-05-25	2012-07-02	2023-11-28	15 kB	692 kB	96.6.17.154

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-01 17:37:51	low	Client IP	Internal IP	ET INFO Commonly Abused WordPress Application Related Domain in DNS Lookup (dreamwp .com)
2023-12-01 17:37:51	low	Client IP	Internal IP	ET INFO Commonly Abused WordPress Application Related Domain in DNS Lookup (dreamwp .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-11-28	medium	ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php	DHL Airways, Inc.

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc.clientlibs/dhl/clientlibs/clientlib-core.min.js	7.4 kB	2023-11-27	2023-12-18
Pretty URL ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc.clientlibs/dhl/clientlibs/clientlib-core.min.js IP 176.74.24.122 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 14:09:02 Last Seen2023-12-18 08:59:42 Times Seen3 Hash c46763e5e804fbc9e346550f7a144a67 6fd0d73d98de87c4bd4810428f83d5525dc6462d e2b417fd36481439a9ef3091439812cbe11f1a9fbceef9dc7834780c9f0c1018 Loading...

	ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/js/bundle.68ed004d9792c235096195c178032e0f.js	298 kB	2023-03-07	2024-07-13
Pretty URL ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/js/bundle.68ed004d9792c235096195c178032e0f.js IP 176.74.24.122 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:51:47 Last Seen2024-07-13 19:21:56 Times Seen214 Hash 1147cdbfd81a395060aeef854934d101 84c9e8f11bf8e54de05a57e5ef1c7cd8fa153f9b 6bbd40e8dffa7ea232ca88c3e584a2fe6cc42ce966018edda1e43e5e36d731ab Loading...

HTTP Transactions (42)

URL IP Response Size

ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php

176.74.24.122

302 Found

0 B

URL User Request GET HTTP/2
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET /pane/ih/ilo/mo/home/info.php HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Fri, 01 Dec 2023 17:37:46 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.2.11
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce; path=/
location: index.php
x-newfold-cache-level: 2
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/index.php

176.74.24.122

302 Found

23 B

URL User Request GET HTTP/2
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/index.php
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with no line terminators
Size
23 B (23 bytes)
Hash
ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /pane/ih/ilo/mo/home/index.php HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Fri, 01 Dec 2023 17:37:47 GMT
content-type: text/html; charset=UTF-8
content-length: 23
x-powered-by: PHP/8.2.11
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: info.php
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc.clientlibs/dhl/clientlibs/clientlib-core.min.css

176.74.24.122

200 OK

29 B

URL GET HTTP/2
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc.clientlibs/dhl/clientlibs/clientlib-core.min.css
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
b104a4a85c21511ada13e2c6e7552d37
475c6eb572d41f86d612ef9d8d64c2cd9ae95980
34a8d4f240f1b7a01d0472d5367e1bc57e17f70a12a91aae37dcac3b33b24732

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /pane/ih/ilo/mo/home/etc.clientlibs/dhl/clientlibs/clientlib-core.min.css HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 17:37:47 GMT
content-type: text/css
content-length: 29
last-modified: Fri, 29 Apr 2022 09:43:04 GMT
etag: "626bb328-1d"
expires: Sun, 31 Dec 2023 17:37:47 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/assets.adobedtm.com/launch-ENa2e710b79eef40758cbb936003b8b231.min.js

176.74.24.122

404 Not Found

15 kB

URL GET HTTP/2
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/assets.adobedtm.com/launch-ENa2e710b79eef40758cbb936003b8b231.min.js
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20451)
Size
15 kB (14940 bytes)
Hash
4f1abd023c048a888a37e6f10f350dde
71c04828c7ce2ccb4dfce30a0450ccfa2e5b275a
c48d60a4e3baf51f9ba03e7a8a3040f3ec7a8c9f5c23dd84dc8c1e355a96517c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /pane/ih/ilo/mo/home/assets.adobedtm.com/launch-ENa2e710b79eef40758cbb936003b8b231.min.js HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 01 Dec 2023 17:37:47 GMT
content-type: text/html; charset=UTF-8
content-length: 14940
x-powered-by: PHP/8.2.11
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ja2a5kvr.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/logos/dhl-logo.svg

96.6.17.154

200 OK

722 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/logos/dhl-logo.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
722 B (722 bytes)
Hash
3fecc9db35d5d2a9e6e71ab4b02d22e5
628ba2f505b480097445aaf08649a08242bd6847
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

HTTP Headers

GET /content/dam/dhl/global/core/images/logos/dhl-logo.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 17:04:26 GMT
etag: "643-609bb3238a920-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 722
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/icons/wizard-icons/glo-core-wizard-bulkletters.svg

96.6.17.154

200 OK

628 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/icons/wizard-icons/glo-core-wizard-bulkletters.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
628 B (628 bytes)
Hash
2675cbe725f294695cebc4a0aaa74505
79f51edb2edae65bc9247438206c09b13512c2db
7b7e4adb65aa53b1bc731f15511c53d5beb73f187d5c5f35f19ebbfaf0decbbd

HTTP Headers

GET /content/dam/dhl/global/core/images/icons/wizard-icons/glo-core-wizard-bulkletters.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 21:42:49 GMT
etag: "450-609bf15ce2af4-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 628
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/icons/product-icons/glo-core-product-air.svg

96.6.17.154

200 OK

777 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/icons/product-icons/glo-core-product-air.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
777 B (777 bytes)
Hash
dc5f0040f866c3bae2a6d826e6efc78c
66c1b84358d166588623a5fa2d3bfd9997ec5a8c
0b9219c0bb4070af4eca3f58737b60adf42ed3867bef6fbf9bf935ffa210d02f

HTTP Headers

GET /content/dam/dhl/global/core/images/icons/product-icons/glo-core-product-air.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 22:53:46 GMT
etag: "5a2-609c0138e4e24-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 777
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/icons/tracking-icons/glo-core-tracking-rail.svg

96.6.17.154

200 OK

692 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/icons/tracking-icons/glo-core-tracking-rail.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
692 B (692 bytes)
Hash
e42909ccc508772de6cf31619bb50427
bea6a279882ac0077a49f8590766e8d87e914a2e
46098468df2bec8cb50790597de30d089ecd7dcc77432b6a08b9e3ff1a7d7802

HTTP Headers

GET /content/dam/dhl/global/core/images/icons/tracking-icons/glo-core-tracking-rail.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 10:14:58 GMT
etag: "549-609c997b00179-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 692
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-5a6dd86f272b304a8b83.woff

96.6.17.154

200 OK

41 kB

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-5a6dd86f272b304a8b83.woff
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
Web Open Font Format, TrueType, length 41352, version 1.66\012- data
Size
41 kB (41322 bytes)
Hash
4e23ecf085132857bdb54b4da7373151
a50215c22a591536b21e509100d1707c6886ffd6
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/default-5a6dd86f272b304a8b83.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja2a5kvr.dreamwp.com/
Origin: https://ja2a5kvr.dreamwp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 27 Apr 2023 18:48:09 GMT
etag: "a188-5fa55cc3a1bf1-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 41322
content-type: application/font-woff
cache-control: public, max-age=31536000
expires: Sat, 30 Nov 2024 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-freightshipping.web.175.112.jpg

176.74.24.122

404 Not Found

15 kB

URL GET HTTP/2
ja2a5kvr.dreamwp.com/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-freightshipping.web.175.112.jpg
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20451)
Size
15 kB (14940 bytes)
Hash
4f1abd023c048a888a37e6f10f350dde
71c04828c7ce2ccb4dfce30a0450ccfa2e5b275a
c48d60a4e3baf51f9ba03e7a8a3040f3ec7a8c9f5c23dd84dc8c1e355a96517c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-freightshipping.web.175.112.jpg HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 01 Dec 2023 17:37:47 GMT
content-type: text/html; charset=UTF-8
content-length: 14940
x-powered-by: PHP/8.2.11
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ja2a5kvr.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/icons/tracking-icons/glo-core-tracking-road.svg

96.6.17.154

200 OK

737 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/icons/tracking-icons/glo-core-tracking-road.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
737 B (737 bytes)
Hash
0bdb553be0b73b3bf9801e265a5b2934
c7ce06aeb92797d69cc5961328671806d41ab4c5
b5335e0b117f099169020346db0d11cba41d56ff38935733e6987f09bd7ebbf5

HTTP Headers

GET /content/dam/dhl/global/core/images/icons/tracking-icons/glo-core-tracking-road.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 01:06:12 GMT
etag: "690-609c1ed287e1b-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 737
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff

96.6.17.154

200 OK

41 kB

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
Web Open Font Format, TrueType, length 41084, version 1.66\012- data
Size
41 kB (41052 bytes)
Hash
03f859bf58e4d37841070de34be7d978
3436d4fa17e7ee470c3d62b08787cfa7de408408
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/default-274a65bae9742377aaf0.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja2a5kvr.dreamwp.com/
Origin: https://ja2a5kvr.dreamwp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Wed, 22 Feb 2023 15:31:06 GMT
etag: W/"a07c-5f54b95b3ea21-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 41052
content-type: application/font-woff
cache-control: public, max-age=31536000
expires: Sat, 30 Nov 2024 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-solution.web.175.112.jpg

176.74.24.122

404 Not Found

15 kB

URL GET HTTP/2
ja2a5kvr.dreamwp.com/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-solution.web.175.112.jpg
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20451)
Size
15 kB (14940 bytes)
Hash
4f1abd023c048a888a37e6f10f350dde
71c04828c7ce2ccb4dfce30a0450ccfa2e5b275a
c48d60a4e3baf51f9ba03e7a8a3040f3ec7a8c9f5c23dd84dc8c1e355a96517c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-solution.web.175.112.jpg HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 01 Dec 2023 17:37:47 GMT
content-type: text/html; charset=UTF-8
content-length: 14940
x-powered-by: PHP/8.2.11
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ja2a5kvr.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/teaser-image-1200x588/glo-warehousing-solutions-warehousing.web.400.196.jpg

96.6.17.154

200 OK

28 kB

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/teaser-image-1200x588/glo-warehousing-solutions-warehousing.web.400.196.jpg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x196, components 3\012- data
Size
28 kB (27558 bytes)
Hash
91dc2a4df7a7c791c11ae5703149da14
052413c3cf0382062a3ae4ddeed22734b08f6033
289e5d61bf5cb76662ce16f243a0797996cc8c81c7f6e998acee2e3127465ed7

HTTP Headers

GET /content/dam/dhl/global/core/images/teaser-image-1200x588/glo-warehousing-solutions-warehousing.web.400.196.jpg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 10:22:23 GMT
etag: W/"6ba6-609c9b23369ed"
accept-ranges: bytes
content-length: 27558
content-type: image/jpeg
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-parcelsdocuments.web.175.112.jpg

176.74.24.122

404 Not Found

15 kB

URL GET HTTP/2
ja2a5kvr.dreamwp.com/content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-parcelsdocuments.web.175.112.jpg
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20451)
Size
15 kB (14940 bytes)
Hash
4f1abd023c048a888a37e6f10f350dde
71c04828c7ce2ccb4dfce30a0450ccfa2e5b275a
c48d60a4e3baf51f9ba03e7a8a3040f3ec7a8c9f5c23dd84dc8c1e355a96517c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /content/dam/dhl/global/core/images/flyout-container-350x224/glo-flyout-parcelsdocuments.web.175.112.jpg HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 01 Dec 2023 17:37:47 GMT
content-type: text/html; charset=UTF-8
content-length: 14940
x-powered-by: PHP/8.2.11
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ja2a5kvr.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/dhl-global-forwarding/images/teaser-image-1200x588/glo-dgf-air-freight-cargo-text-generic.web.400.196.jpg

96.6.17.154

200 OK

34 kB

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/dhl-global-forwarding/images/teaser-image-1200x588/glo-dgf-air-freight-cargo-text-generic.web.400.196.jpg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x196, components 3\012- data
Size
34 kB (34107 bytes)
Hash
439551d8e7db51a7b917fb123df3e891
75ef25168be464500f13e9680d6979f681294774
605715246127fb348fcecfc1b21477bc3ea9a2097fd2c34cacdded434445d8b3

HTTP Headers

GET /content/dam/dhl/global/dhl-global-forwarding/images/teaser-image-1200x588/glo-dgf-air-freight-cargo-text-generic.web.400.196.jpg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 10:24:55 GMT
etag: "853b-609c9bb45830a"
accept-ranges: bytes
content-length: 34107
content-type: image/jpeg
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-815fcbb4d2c579017011.woff

96.6.17.154

200 OK

41 kB

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-815fcbb4d2c579017011.woff
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
Web Open Font Format, TrueType, length 41328, version 1.66\012- data
Size
41 kB (41263 bytes)
Hash
e39bd2e2657ce5dd6f9c33df18529233
6db81ebb91bfa67cef8f2f870f03046150568799
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/default-815fcbb4d2c579017011.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja2a5kvr.dreamwp.com/
Origin: https://ja2a5kvr.dreamwp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 27 Apr 2023 08:32:05 GMT
etag: "a170-5fa4d310c72f5-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 41263
content-type: application/font-woff
cache-control: public, max-age=31536000
expires: Sat, 30 Nov 2024 17:37:48 GMT
date: Fri, 01 Dec 2023 17:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/content/dam/dhl/global/core/images/marketing-stage-2730x1120/glo-home-maketing-stage-tracking.web.785.246.jpg

176.74.24.122

404 Not Found

15 kB

URL GET HTTP/2
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/content/dam/dhl/global/core/images/marketing-stage-2730x1120/glo-home-maketing-stage-tracking.web.785.246.jpg
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20451)
Size
15 kB (14940 bytes)
Hash
4f1abd023c048a888a37e6f10f350dde
71c04828c7ce2ccb4dfce30a0450ccfa2e5b275a
c48d60a4e3baf51f9ba03e7a8a3040f3ec7a8c9f5c23dd84dc8c1e355a96517c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /pane/ih/ilo/mo/home/content/dam/dhl/global/core/images/marketing-stage-2730x1120/glo-home-maketing-stage-tracking.web.785.246.jpg HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 01 Dec 2023 17:37:47 GMT
content-type: text/html; charset=UTF-8
content-length: 14940
x-powered-by: PHP/8.2.11
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ja2a5kvr.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/icons/tracking-icons/glo-core-tracking-ocean.svg

96.6.17.154

200 OK

657 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/icons/tracking-icons/glo-core-tracking-ocean.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
657 B (657 bytes)
Hash
e9d3c7621ba05770696f9427c8f7b79a
9a9f8deab831c26d36a6fbe1a1482f2e6370f6ca
fa27d936d088620b27debb4c2a3da24d27346505d247a56d098ae56e3a2da07a

HTTP Headers

GET /content/dam/dhl/global/core/images/icons/tracking-icons/glo-core-tracking-ocean.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 18:57:58 GMT
etag: "74c-609bcc845ab90-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 657
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/teaser-image-1200x588/glo-management-services-inventory-financing.web.400.196.jpg

96.6.17.154

200 OK

25 kB

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/teaser-image-1200x588/glo-management-services-inventory-financing.web.400.196.jpg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x196, components 3\012- data
Size
25 kB (24917 bytes)
Hash
72f77f40854c034e3ddd497e7497fd77
e0aa1c9456c82751be6bf693b2792441fbae9ca2
3b0f8bee5b7bec0e3827fe7376bf87ae5060aa8c0af75d1a66a6f89a3363c2f3

HTTP Headers

GET /content/dam/dhl/global/core/images/teaser-image-1200x588/glo-management-services-inventory-financing.web.400.196.jpg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Sat, 11 Nov 2023 09:41:37 GMT
etag: "6155-609dd3e3ff68d"
accept-ranges: bytes
content-length: 24917
content-type: image/jpeg
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/teaser-large-2730x868/green-logistics-street-trees.web.1365.434.jpg

96.6.17.154

200 OK

133 kB

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/teaser-large-2730x868/green-logistics-street-trees.web.1365.434.jpg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1365x434, components 3\012- data
Size
133 kB (132821 bytes)
Hash
832088e347c89e0a1f649428bce178f8
ef4cc39621ae2834ec9066fa14db59ca0e6c07fb
a75067b5a15521e9d18375166ddd0e7e5862d77385169e179e52bff0b408a0bd

HTTP Headers

GET /content/dam/dhl/global/core/images/teaser-large-2730x868/green-logistics-street-trees.web.1365.434.jpg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 11:17:22 GMT
etag: "206d5-609ca76e08e95"
accept-ranges: bytes
content-length: 132821
content-type: image/jpeg
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/teaser-large-2730x868/glo-our-divisions-teaser-large.web.1365.434.jpg

96.6.17.154

200 OK

79 kB

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/teaser-large-2730x868/glo-our-divisions-teaser-large.web.1365.434.jpg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1365x434, components 3\012- data
Size
79 kB (79267 bytes)
Hash
9b6f91423b68b6efc4cb7734be76a2c1
e1ba042aa44aef6d374bbeef2bac0b3c26357b1f
db6f9786eefb76f416006ac44746d92ba3f970ab329309bf9e0f9913aac716e6

HTTP Headers

GET /content/dam/dhl/global/core/images/teaser-large-2730x868/glo-our-divisions-teaser-large.web.1365.434.jpg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 10:52:02 GMT
etag: "135a3-609ca1c483c07"
accept-ranges: bytes
content-length: 79267
content-type: image/jpeg
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/teaser-large-2730x868/glo-insights-innovation-teaser-large.web.1365.434.jpg

96.6.17.154

200 OK

135 kB

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/teaser-large-2730x868/glo-insights-innovation-teaser-large.web.1365.434.jpg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1365x434, components 3\012- data
Size
135 kB (135341 bytes)
Hash
e4727c87033fcd343536301a8b7c3d31
e1f4965fdab9255de1ab16681abdb0506955c323
73feb0b8cd1a47f984f792a808935bb35c9021664cd1c43ba9448e96e7097c72

HTTP Headers

GET /content/dam/dhl/global/core/images/teaser-large-2730x868/glo-insights-innovation-teaser-large.web.1365.434.jpg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 11:02:52 GMT
etag: "210ad-609ca43000fd8"
accept-ranges: bytes
content-length: 135341
content-type: image/jpeg
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/logos/glo-footer-logo.svg

96.6.17.154

200 OK

2.0 kB

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/logos/glo-footer-logo.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (687)
Size
2.0 kB (1997 bytes)
Hash
b7c7a8734b225626e4625cbd0bba042c
970cf5d36ec55dc07478795e99e01e5a4cc5c17a
90fb9be0fae070f08d943401c91c851f70f58ceaf874f4e75aeed2ac3c5a38da

HTTP Headers

GET /content/dam/dhl/global/core/images/logos/glo-footer-logo.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 23:07:32 GMT
etag: "1197-609c044ca6cf6-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 1997
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/logos/youtube-new.svg

96.6.17.154

200 OK

614 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/logos/youtube-new.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (971)
Size
614 B (614 bytes)
Hash
376247a0b06e705c758fe04978ea9df5
90d50c682c2ea23a9d26926c6eb3d849b7b94661
acd3eaf2b608fb48f9915964c36772b322ad91106508c4490e2a72122db4d347

HTTP Headers

GET /content/dam/dhl/global/core/images/logos/youtube-new.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 21:42:49 GMT
etag: "584-609bf15cc3ada-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 614
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/logos/facebook-new.svg

96.6.17.154

200 OK

698 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/logos/facebook-new.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (963)
Size
698 B (698 bytes)
Hash
259d8928a7fd5329b3d7fd80eca2ea2f
a6337de5ff5761b39a319cd7ec3f8b10f201d066
43027752f5a04142e6518a4fd8ef54e7e73cfba7820da9c03c1ad38835f04fe2

HTTP Headers

GET /content/dam/dhl/global/core/images/logos/facebook-new.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 09:42:51 GMT
etag: "57e-609c924d20988-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 698
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:47 GMT
date: Fri, 01 Dec 2023 17:37:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/logos/linkedIn-new.svg

96.6.17.154

200 OK

738 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/logos/linkedIn-new.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1204)
Size
738 B (738 bytes)
Hash
43efff953a2a3baf6a2ef0528f55dc07
b510bc0512da7d96cdf29a0f1e343319095776de
c32f1a0f5b093b6b2c8f5df0bf93856359769ee6bbab40975043cd133711d528

HTTP Headers

GET /content/dam/dhl/global/core/images/logos/linkedIn-new.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 01:06:12 GMT
etag: "66f-609c1ed2e2519-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 738
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:48 GMT
date: Fri, 01 Dec 2023 17:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/logos/instagram-new.svg

96.6.17.154

200 OK

1.6 kB

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/logos/instagram-new.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4063)
Size
1.6 kB (1608 bytes)
Hash
056511aeb5282ecaab9fbf10ed2273e5
fc29c2c37c4b4a31ad13e80356371e338aef5894
f01c2e1870fcd75ceca3b4c42c3110cb0aa4b933b562cf3d2c7ddd20ce03c7ee

HTTP Headers

GET /content/dam/dhl/global/core/images/logos/instagram-new.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 20:20:55 GMT
etag: "119c-609bdf0e4ba6e-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 1608
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:48 GMT
date: Fri, 01 Dec 2023 17:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-3e828e80f6e985c352eb.woff

96.6.17.154

200 OK

44 kB

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/default-3e828e80f6e985c352eb.woff
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
Web Open Font Format, TrueType, length 44260, version 1.66\012- data
Size
44 kB (44219 bytes)
Hash
4a350e02a03ac62e72e9ea575b31ce84
d47b03b96b6e7034a1473a293bb594e597a41dc2
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/default-3e828e80f6e985c352eb.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja2a5kvr.dreamwp.com/
Origin: https://ja2a5kvr.dreamwp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
last-modified: Thu, 17 Nov 2022 12:35:44 GMT
etag: "ace4-5eda9d3ee5eff-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 44219
content-type: application/font-woff
mpulse_cdn_cache: MISS
mpulse_origin_time: 168
cache-control: public, max-age=31536000
expires: Sat, 30 Nov 2024 17:37:48 GMT
date: Fri, 01 Dec 2023 17:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-36e40d8b4a0a369beacf.woff

96.6.17.154

404 Not Found

72 B

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-36e40d8b4a0a369beacf.woff
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
187fb5df9f84b58a2e7b7da48ac3d6e9
b47ea8ea1db6915e52d7278db114f933878da683
006d444a36b35c40bbbfd7a2bfd1161879c6947cc0832f3e63627f6df1dc566d

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/fonts/iconfont-36e40d8b4a0a369beacf.woff HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja2a5kvr.dreamwp.com/
Origin: https://ja2a5kvr.dreamwp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
content-length: 72
content-type: text/html; charset=iso-8859-1
cache-control: max-age=31536000
expires: Sat, 30 Nov 2024 17:37:48 GMT
date: Fri, 01 Dec 2023 17:37:48 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-akamai-cache: Miss from child, Miss from parent
set-cookie: ak_bmsc=5A0CD74FDD75CD6DE221F530419CE8F1~000000000000000000000000000000~YAAQ3U0kF1rRXN2LAQAAhkJ1JhV9sJAYn/zng5M/JxxY7QLDkYOullwfs2btgKAYpf+tO7DjBKByOXuw8YHs9eu+IJ9negsI5Dm/iI+xoDAaMQluDbNLzYuGt1WwKyyPtyWdx0TRXW/6xA4abMz7UjAuYdgVRWSRpqW0/XHqcj18pcflRr4jKKV/wz0tbszBvMNgy2oL7iWD/Vuag68SU01l7jh1dnE9t6GKZneO7FNlJVksrpEu0t/CWHbzZmeiUxQud5wIdRkSX2LQlzWp1qNvRPKayExmpWeEDyhfQEiUeQvI/+8jneV8//Q9YxT5HQYlsq074Gfgj5OkwjzpvFshoxw70twrYkgCJvDATiXD1mzd9oQoyE4wVxqwnOV92Vten4Mn; Domain=.dhl.com; Path=/; Expires=Fri, 01 Dec 2023 19:37:47 GMT; Max-Age=7199; Secure; HttpOnly
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/icons/general-icons/glo-core-online.svg

96.6.17.154

200 OK

721 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/icons/general-icons/glo-core-online.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
721 B (721 bytes)
Hash
3d612e654839ed972b9420e332b03ccc
33137c3f10363632fe66dbe6926ff4b436b25b81
7fb04530877285cb70aba19ab2f3eb8c2fcca66c408ca68715bd58e2dfee2b33

HTTP Headers

GET /content/dam/dhl/global/core/images/icons/general-icons/glo-core-online.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 16:35:18 GMT
etag: "6e6-609baca087683-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 721
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:48 GMT
date: Fri, 01 Dec 2023 17:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/icons/general-icons/glo-core-getaquote.svg

96.6.17.154

200 OK

500 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/icons/general-icons/glo-core-getaquote.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
500 B (500 bytes)
Hash
20224ab70f5524996910c3b856cced70
ca9f089140d5a68f6c4446494082df09c08b6e99
33e4d6ea85fcc033bc1d066cc202ae0a5a64dbbba953dce91874e81391d54eef

HTTP Headers

GET /content/dam/dhl/global/core/images/icons/general-icons/glo-core-getaquote.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 19:05:23 GMT
etag: "312-609bce2c193d7-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 500
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:48 GMT
date: Fri, 01 Dec 2023 17:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/icons/about-us-icons/glo-core-aboutus-contact.svg

96.6.17.154

200 OK

710 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/icons/about-us-icons/glo-core-aboutus-contact.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
710 B (710 bytes)
Hash
621d506e5c8a200d25767bc06010fef7
dc39f861f4206a5c2c45072bb1db1090ca022407
597649961adc705bcbffe79a3187ab1c7360a499fe285613490f5aa8e5eb4145

HTTP Headers

GET /content/dam/dhl/global/core/images/icons/about-us-icons/glo-core-aboutus-contact.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 21:58:08 GMT
etag: "508-609d36a72d7f2-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 710
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:48 GMT
date: Fri, 01 Dec 2023 17:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: RefreshHit from child, Hit from parent
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/icons/gogreen-icons/glo-core-gogreen-warehousing.svg

96.6.17.154

200 OK

466 B

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/icons/gogreen-icons/glo-core-gogreen-warehousing.svg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
466 B (466 bytes)
Hash
b35fdccf2d08e3881c190d2619449312
6818f542b225d5cea16f90de6ff82217ee7659a6
bea8a5bcb115d49d5222c79804eeaceadd425c1b36c19396e746749dcc5d9be3

HTTP Headers

GET /content/dam/dhl/global/core/images/icons/gogreen-icons/glo-core-gogreen-warehousing.svg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 01:06:12 GMT
etag: "2fc-609c1ed2e245d-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 466
content-type: image/svg+xml
expires: Fri, 08 Dec 2023 17:37:48 GMT
date: Fri, 01 Dec 2023 17:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/marketing-stage-2730x1120/glo-home-maketing-stage-tracking.web.1365.428.jpg

96.6.17.154

200 OK

48 kB

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/marketing-stage-2730x1120/glo-home-maketing-stage-tracking.web.1365.428.jpg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1365x426, components 3\012- data
Size
48 kB (48387 bytes)
Hash
17a79071c24364e59e718b74b9d79800
25fde076dd46c20f23853dae4ad1533117ee2831
582a0b81c3b017586a45247f70b38a55be5b2ddb581f1dbfb683c262f891633f

HTTP Headers

GET /content/dam/dhl/global/core/images/marketing-stage-2730x1120/glo-home-maketing-stage-tracking.web.1365.428.jpg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Fri, 10 Nov 2023 07:45:50 GMT
etag: W/"bd03-609c78262adda"
accept-ranges: bytes
content-length: 48387
content-type: image/jpeg
expires: Fri, 08 Dec 2023 17:37:48 GMT
date: Fri, 01 Dec 2023 17:37:48 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: RefreshHit from child, Hit from parent
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/global/dhl/news-alerts.gnf.json

176.74.24.122

400 Bad Request

150 B

URL GET.html HTTP/2
ja2a5kvr.dreamwp.com/global/dhl/news-alerts.gnf.json
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
150 B (150 bytes)
Hash
7f077f1fce3d566040b0d69eb1f27d8f
28d9c5f6b214c5cdbe7f7e55d6ed5e82080dea01
487ad0d2cf075f4328a1adf57ef428759ad4e2c873a8ebd2ad9653990829c9cf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET.html /global/dhl/news-alerts.gnf.json HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja2a5kvr.dreamwp.com
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 400 Bad Request
server: nginx
date: Fri, 01 Dec 2023 17:37:48 GMT
content-type: text/html
content-length: 150
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/favicon.ico

96.6.17.154

325 B

URL GET
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/favicon.ico
IP
96.6.17.154:0
ASN
#16625 AKAMAI-AS

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
325 B (325 bytes)
Hash
d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/favicon.ico HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 18:45:31 GMT
etag: "47e-609bc9bb4ef14-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 325
content-type: image/vnd.microsoft.icon
expires: Fri, 08 Dec 2023 17:37:48 GMT
date: Fri, 01 Dec 2023 17:37:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png

176.74.24.122

200 OK

1.2 kB

URL GET HTTP/2
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1173 bytes)
Hash
6e5f4e072a2793f9d9cd2a6974d5ccc9
df0d0b28ae71a37dd321d33435c3143a446e2741
148a09a41b13df86b44d2a1f70e2482e5d31fd91ce540a0dbe016011a5fd29b9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 17:37:48 GMT
content-type: image/png
content-length: 1173
last-modified: Fri, 06 May 2022 20:31:24 GMT
etag: "6275859c-495"
expires: Sun, 31 Dec 2023 17:37:48 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/css/bundle-gcs.68ed004d9792c235096195c178032e0f.css

176.74.24.122

200 OK

42 kB

URL GET HTTP/2
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/css/bundle-gcs.68ed004d9792c235096195c178032e0f.css
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (42276), with no line terminators
Size
42 kB (42276 bytes)
Hash
2b1da9e2cb37dd672a0b9379c0efad23
5ba6e14b518e3a28b35d63068d518da633fee3c5
05673f3a415dcab8c50b30b1ff20f3f90e5949d6fd72a9add7963307dbb1dee7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/css/bundle-gcs.68ed004d9792c235096195c178032e0f.css HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 17:37:47 GMT
content-type: text/css
last-modified: Tue, 03 May 2022 00:23:34 GMT
vary: Accept-Encoding
etag: W/"62707606-a524"
expires: Sun, 31 Dec 2023 17:37:47 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/css/bundle.68ed004d9792c235096195c178032e0f.css

176.74.24.122

200 OK

685 kB

URL GET HTTP/2
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/css/bundle.68ed004d9792c235096195c178032e0f.css
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
685 kB (685075 bytes)
Hash
be5a6168c92f4e888dbd1db70a888215
9884aba30aeb38109e579d4fafec33a78c9fdca1
a19dfc66e2a19b9b8f45d9474bac3d1555b800dafe055571b98a3706a7d4c0c7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/css/bundle.68ed004d9792c235096195c178032e0f.css HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 17:37:47 GMT
content-type: text/css
last-modified: Tue, 03 May 2022 00:23:18 GMT
vary: Accept-Encoding
etag: W/"627075f6-a7413"
expires: Sun, 31 Dec 2023 17:37:47 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc.clientlibs/dhl/clientlibs/clientlib-core.min.js

176.74.24.122

200 OK

7.4 kB

URL GET HTTP/2
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc.clientlibs/dhl/clientlibs/clientlib-core.min.js
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7577), with no line terminators
Size
7.4 kB (7410 bytes)
Hash
9180c444626195114652f14837764254
dd65795e1b36e5582f00706803cf9c6b20ab8fee
11f648ab48ebc8a558f4ac31d21f4191979c42531f8d9e71e563041f6c377e4a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /pane/ih/ilo/mo/home/etc.clientlibs/dhl/clientlibs/clientlib-core.min.js HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 17:37:47 GMT
content-type: application/javascript
last-modified: Sat, 25 Nov 2023 13:50:50 GMT
vary: Accept-Encoding
etag: W/"6561fbba-1cf2"
expires: Sun, 31 Dec 2023 17:37:47 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/js/bundle.68ed004d9792c235096195c178032e0f.js

176.74.24.122

200 OK

298 kB

URL GET HTTP/2
ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/js/bundle.68ed004d9792c235096195c178032e0f.js
IP
176.74.24.122:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Certificate
IssuerSectigo Limited
Subject*.dreamwp.com
Fingerprint30:F7:3F:A1:B1:C3:3A:85:4F:A8:2C:82:82:AD:F7:75:4D:65:54:CC
ValidityWed, 04 Jan 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type

Size
298 kB (297782 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /pane/ih/ilo/mo/home/etc/clientlibs/dhl/clientlib-all/js/bundle.68ed004d9792c235096195c178032e0f.js HTTP/1.1
Host: ja2a5kvr.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja2a5kvr.dreamwp.com/pane/ih/ilo/mo/home/info.php
Cookie: PHPSESSID=r8omjqo4cs611p6u3efb7u3gce
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 17:37:47 GMT
content-type: application/javascript
last-modified: Tue, 03 May 2022 00:23:24 GMT
vary: Accept-Encoding
etag: W/"627075fc-48b36"
expires: Sun, 31 Dec 2023 17:37:47 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (42)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers