urlscan.io logo urlscan.io
SecurityTrails logo

nrccdev.wpdrift.no Open in urlscan Pro
2606:4700:3031::6815:4d92  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://panel.empowerhrtraining.com/link.php?F=H&L=16&M=843443&N=63
Effective URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Submission: On October 25 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3031::6815:4d92, located in United States and belongs to CLOUDFLARENET, US. The main domain is nrccdev.wpdrift.no.
TLS certificate: Issued by WE1 on September 13th 2024. Valid for: 3 months.
This is the only time nrccdev.wpdrift.no was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 1 104.129.41.4 8100 (ASN-QUADR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
3 172.67.209.11 13335 (CLOUDFLAR...)
23 5
1    104.129.41.4 (Miami, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: panel.empowerhrtraining.com
panel.empowerhrtraining.com
15    2606:4700:3031::6815:4d92 (United States)

ASN13335 (CLOUDFLARENET, US)
nrccdev.wpdrift.no
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    172.67.209.11 (United States)

ASN13335 (CLOUDFLARENET, US)
nrccdev.wpdrift.no
Apex Domain
Subdomains		 Transfer
18 wpdrift.no
nrccdev.wpdrift.no
616 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
413 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
49 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
31 KB
1 empowerhrtraining.com
panel.empowerhrtraining.com
273 B
23 5
Domain Requested by
18 nrccdev.wpdrift.no nrccdev.wpdrift.no
2 cdnjs.cloudflare.com nrccdev.wpdrift.no
2 cdn.jsdelivr.net nrccdev.wpdrift.no
1 code.jquery.com nrccdev.wpdrift.no
1 panel.empowerhrtraining.com 1 redirects
23 5

This site contains no links.

Subject Issuer Validity Valid
wpdrift.no
WE1		 2024-09-13 -
2024-12-12		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Frame ID: 5FC17ED9274D66BACABB78A44BC2F82C
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

| DHL |

Page URL History Show full URLs

  1. https://panel.empowerhrtraining.com/link.php?F=H&L=16&M=843443&N=63 HTTP 302
    https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

23
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1109 kB
Transfer

2541 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://panel.empowerhrtraining.com/link.php?F=H&L=16&M=843443&N=63 HTTP 302
    https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request B.php
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/
Redirect Chain
  • https://panel.empowerhrtraining.com/link.php?F=H&L=16&M=843443&N=63
  • https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb1a26a03e83c47d1bd83853e0453bb799e75531efdc3e7dec06f172fb9e3173

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d800a310c493756-MXP
content-encoding
br
content-type
text/html
date
Fri, 25 Oct 2024 06:09:50 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wgIbpemn%2BVf5JSRYnmaAKRmr8EtPkPReJK%2Fa%2BGLUB4ml6b8emOsg3zVGL7QAKk%2BdK5d9DrGQ9%2FpyBGY7P4cbq0DcFlcIDGOHWuMrkTIMIOaHBuXVq%2BttG2exA9EEuE0SFQhFcgCVQJGz09bS6SGXazg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=24132&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4003&recv_bytes=2326&delivery_rate=159043&cwnd=254&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3236&x=0"
vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 25 Oct 2024 06:09:47 GMT
Keep-Alive
timeout=5, max=100
Location
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Server
Apache
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/css/bootstrap.min.css
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
04083fcecdd9e19b2acd1e0073437aa07c98d230f0198d7f1fd470ab220fef64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"25faf-xFOpPymXikmUqHIlC710iXewShE"
age
846339
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 25 Oct 2024 06:09:50 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230071-FRA, cache-mxp6982-MXP
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
25375
x-jsd-version
5.0.0
font-awesome.min.css
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/font-awesome.min.css
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oyuLyJGwfGMxLg6uwpk1IulX%2BIV3bBKffwX89c2b4Cm3onStjrqlfi10vJv4Fdv5e2d3pKj%2FLSPcwJxPKpdmQMx2ObXPh7NRT1lRBJZblqzqJlypBYifPfUX%2BlARcYXd%2FyFMJb59JmZf7tdE%2BW31QS4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a4559f43756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24156&sent=39&recv=29&lost=0&retrans=0&sent_bytes=15802&recv_bytes=3851&delivery_rate=376472&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3424&x=0"
content-length
7053
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
text/css
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
style.css
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/style.css
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8ec5261fc51d5b899ffe1389c916b6f33082a81dcf334bd530df8dbd10c58bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YViBZ6C%2BF9%2BOg9gWdvle1YVI9oVb9yqs0uTVZLyU7sIigHafeOmhHGQ7Kh%2Bb7U7r4Hd%2BrDkygUPMgYdPSb4hoOg7avNQ9zH8aEPEggE%2BxqtSPWVNDkTllRKa4LhJ9DpAAbWIGtL%2F6%2BfLPmvVc7r%2BVmE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a4559f53756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24156&sent=34&recv=29&lost=0&retrans=0&sent_bytes=12826&recv_bytes=3851&delivery_rate=376472&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3421&x=0"
content-length
2426
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
text/css
last-modified
Tue, 18 Jun 2024 02:46:58 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
bootstrap-icons.css
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		64 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/bootstrap-icons.css
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3bddf54dea690aa25839265e3ba48668aa86636da378edf0eba51fcd783daa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yBZiQzZKvcEUjaryEGNPekn%2BPkI95%2F%2BAuh4iaiv%2Br9Y9LUOagry3AeBqLSKBscTtE8L5atBPenahYeCXjAhLrBDj%2FeTf2pQrfeRVeOWz%2BQHYnOdhcBszFQFk6Zpu8nn2mXRC6SZQ%2BTMEmbdbnITC7fc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a4569f73756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24819&sent=81&recv=39&lost=0&retrans=0&sent_bytes=43876&recv_bytes=3851&delivery_rate=877070&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3460&x=0"
content-length
9179
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
text/css
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
dhl-logo.svg
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/dhl-logo.svg
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1toEE3kHBlYBePasWVCwwkaVOwwZnUBAhSCpKK49nEXR2oF4d9eUE2LSqOAZf3kNgUXSrDOoq5OBkUgyhaF3GhNsx2GWX3%2B8oUNpgzzoFsZwMsSli85wQ9JAQyCg9QerMf5BFi5SeEin4m7q01WbmI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a4569fb3756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24156&sent=50&recv=29&lost=0&retrans=0&sent_bytes=23459&recv_bytes=3851&delivery_rate=376472&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3424&x=0"
content-length
722
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/svg+xml
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
LOGA.svg
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/LOGA.svg
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304213033f2a03071409043919d5d27d9847e0fb96c8433871ddcd7ad93fcb39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h7jmsWjspaYk4tnbVKVTA%2Ful3cPsgjfIBfcS5QFNn0%2Bdfq2%2BoUOfINKuPNCB7Y142QNfPxtsUBa59uXrIeD31JPMVibVUFDjMiQ%2BfvVq5yCUP8RD20NQJOxJVbMFiWcxeJAMNCHVmrkD4watZjo9gmo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a4569fc3756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24156&sent=31&recv=29&lost=0&retrans=0&sent_bytes=11414&recv_bytes=3851&delivery_rate=376472&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3413&x=0"
content-length
841
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/svg+xml
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
LOGAA.svg
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/LOGAA.svg
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbebbcc1ebf48ebe492e6080cf7c618c15b9a23d5ae6d771b0bce47ad5753eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w04jSXSdJOWYhii%2Fy%2F%2FXqTC0lSeEfVVCL6K0CPj8UXy9VWusdFf4ChLUHIQ7g2RXLm2Wslv5eLIjmF44aIGLTAp3rA1DDq5%2B1ZBPB4pvLXzW0HUZ%2FMR1TLROHfv0R4qV0CJStEXL29GocjQjUjTTwZE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a457a183756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24083&sent=59&recv=30&lost=0&retrans=0&sent_bytes=28920&recv_bytes=3851&delivery_rate=376472&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3437&x=0"
content-length
1230
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/svg+xml
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
camion.png
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/camion.png
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9749654bdfcce79bc06740ed18ce854c5bc56fd419a8d59fc590777ba942105e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTKLCjw1cxfndgTIa9k%2FwxrEZmKcmZ%2FGa1LvbDj%2FvEbkrZmwsL%2FKRGBikUdInywxXnSa%2FMMnsa26Pjga402lkA0u6uivoHvkPldsWh6BxOBO7%2FGnMZmtuerdkaPjq6x07fE97dIh19c2JxS4P%2FD6ZM0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a457a1b3756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24083&sent=62&recv=30&lost=0&retrans=0&sent_bytes=30650&recv_bytes=3851&delivery_rate=376472&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3442&x=0"
content-length
6755
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/png
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding
server
cloudflare
MASTERCARD.png
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/MASTERCARD.png
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b0c64f17fef96d35ef346f05acb617ffb26a38ed5ae986965c33364b473d9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPJgXnoA%2B8420hIruF3vLOswTFzFBqGVRkVnSFUxizaoGJVpvvUzCgOMGmcueoj7Ixn5bpiIQUFwtTZgvPHL96YDdRkSMfQYXXCKwA2v0PnieXwU04dnFezK5khiDrzBXnL02Hbq7o%2BBtNu5YqInlI4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a457a1c3756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25337&sent=166&recv=77&lost=0&retrans=0&sent_bytes=141662&recv_bytes=3851&delivery_rate=2711676&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3524&x=0"
content-length
105021
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/png
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding
server
cloudflare
DISCOVER.png
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/DISCOVER.png
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed1d00fbbc5778bbc5d329564d513feb299eecdda60a278e600dbd87682b842c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RBbT0mZ%2Bx3psS4RBrvyDrVG0r7f54P5PpBAsETSydOWXF65AVyXSuJ8ld4ca85bToDjHnGejt8C4bjZjUrjZdUpRG36nBhJ1S1SM35cCCs9EFIJHaDawptyrfigNKxHQGJRSO%2FUdj1KnL2lo5Q7W4g8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a457a1d3756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24912&sent=101&recv=51&lost=0&retrans=0&sent_bytes=63056&recv_bytes=3851&delivery_rate=2043366&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3492&x=0"
content-length
77617
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/png
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding
server
cloudflare
AMEX.png
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/AMEX.png
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b0fac842e83feb713a1c669f2cd6e45d4d1227357463d3a033274027a8d413

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nSDjVyPXzC%2BowMj0PwWkpvnWrf0GNibkJoZzCHr0qQ3aTyk2KoP5QhPVG2dSDC6M8FbX2soJJ%2B%2FuKF2ipb2sLcQj%2FrdKggCb1YClnPLFWErDuFQELXLMR%2FZWfN1i5%2B2W1qEn5ivnunIbDS25aCROEo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a457a1e3756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24156&sent=53&recv=29&lost=0&retrans=0&sent_bytes=24774&recv_bytes=3851&delivery_rate=376472&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3430&x=0"
content-length
3588
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/png
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding
server
cloudflare
VISA.png
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/VISA.png
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10767c80eb78566839dcfe71641b1774e8bb0c9be5aa47bfa53c8da8ada61fda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ioFGPlAViIvzOiTpsUjsbJ%2F1vagKPoxeLRPin9ldyVI1EkvmB3ommnvOMP1qQ9UVV0qLZU6%2BACKdUOvS%2BDbcLSDbpF3DOBeLluA2YtXGvJJkJg3J0961oVlWHHJVj77gh9JAPsESP9yzjplQ7JcHvjs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a458a283756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24084&sent=91&recv=47&lost=0&retrans=0&sent_bytes=53717&recv_bytes=3851&delivery_rate=2043366&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3472&x=0"
content-length
8776
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/png
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding
server
cloudflare
group.svg
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/group.svg
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oC%2FoWXbKngQh1CYxS2pmrx%2FX4oFuvmxccMiGABZ3RwQpknqmXkVjJLv0RoHDgoNxZinuiDR0M9c3tqN%2F8pOiKI%2BvVFzTi9L%2Bgtb5LoZiWNX05IMKAVPUn%2FUSFzINN9WUVRYUGQWhwkGQt%2BcvckMjhU4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a458a2d3756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24848&sent=72&recv=32&lost=0&retrans=0&sent_bytes=38044&recv_bytes=3851&delivery_rate=376472&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3446&x=0"
content-length
3537
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/svg+xml
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
socio.png
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/socio.png
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b5e1fdc845a00e044f1d5136d4d365e319d79caae542b2abef7e9a7eb7d786

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Kh9pMk6FVz9QUYSQqbDhyud5BQKkPt%2B0FwSFsQRdnIyFo8S6mesbNueL40GUA5AxmOj0jvIRuPxMaoTD%2BDVGr3Qy9xUQZekABUxBIp5zDi9z%2F2DLYzOOQOeWjXLf%2BFbYMiQ9iGxElTrtRuhnt%2BbphA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a458a2e3756-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24314&sent=77&recv=36&lost=0&retrans=0&sent_bytes=42091&recv_bytes=3851&delivery_rate=791359&cwnd=257&unsent_bytes=0&cid=20eb933ba4fe1b59&ts=3450&x=0"
content-length
1292
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/png
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding
server
cloudflare
rocket-loader.min.js
nrccdev.wpdrift.no/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nrccdev.wpdrift.no/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6712b248-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=idcC4l4qvEFTqUHSCmJdvSKpagGo2ZRYxZoSXAG%2B7mEp6j7nqBgC%2BbXX%2BR8TEe3wHnNLI96G1RRind70n9%2BKDYi9A6t%2BUwV2U8X00hvZLTQLCw8ldmbI7Zq1MvCItPO6CBvw%2BFMXOhYZfcPAZiwFgpA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d800a458a2f3756-MXP
expires
Sun, 27 Oct 2024 06:09:50 GMT
date
Fri, 25 Oct 2024 06:09:50 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 19:08:56 GMT
server
cloudflare
vary
Accept-Encoding
jquery.mask.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec3-2087"
age
289071
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8briasOVxLXt1BZYV7PZSlmorJCzob1QbVzExxEUsPuNVGTAIamG8EshDUpUTyeEd%2FH%2B%2FxwomMBSb0jkC%2FsXGwgAQ2qpZPXQL3gMdcOhshwpf4TCQfw%2FZRzWvlVfVVzUr4L%2FZd%2B8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 06:09:51 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:47 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d800a46de470e29-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
3074
server
cloudflare
all.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/ 		1 MB
409 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"630e6e62-662ed"
age
282989
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHj2XDx6Oa5nCkSryEK9Q92%2FFwgemrxu3lWhnR1QQ9EqO0gd2hl5k8mr6vYQ%2BSq6AHDJ4cjPOjL0KWo%2BjT0tRzAio8%2BjfyauoLYiJK3nBoMKHQ6OZZDihsFrSiilJM6D6kyWWfyD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 06:09:51 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 30 Aug 2022 20:09:06 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d800a46de430e29-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
418541
server
cloudflare
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
age
4218322
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230080-FRA, cache-mxp6982-MXP
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
23943
x-jsd-version
5.0.2
jquery-3.6.1.min.js
code.jquery.com/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15e40"
age
3800630
x-cache
HIT, HIT
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
67170, 87587
x-served-by
cache-lga21975-LGA, cache-mxp6954-MXP
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729836591.202291,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30957
server
nginx
titiza.png
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		295 KB
296 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/titiza.png
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8458695fa1a2adb9dd9f5af4b7ab4d47727cea8df0d894a8b17218c3360052

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/style.css

Response headers

server
cloudflare
cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B5ZxidBmbWhKuI1xO1r44nbfYArdBMhe02496q0%2BxdHKre2KKqJUIpbxF3Epx8ocYwK%2Fys3J3JrsOnQQKSY61eJ4f%2BIKSQcCbBvYvGGhmUSb2uvVNC7PQpXPpowMq48NzZz5arQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a46afd24c44-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23707&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4256&recv_bytes=5005&delivery_rate=568&cwnd=12000&unsent_bytes=0&cid=dab636133eb4b143&ts=434&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
302373
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/png
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding
priority
u=3,i
bootstrap-icons.woff2
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		83 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
Requested by
Host: nrccdev.wpdrift.no
URL: https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/bootstrap-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856b3f9e0df4f7061c8948021c7cc6e6263d96c48161e7fe9e4fbefd0c69a085

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nrccdev.wpdrift.no
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/bootstrap-icons.css

Response headers

server
cloudflare
cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4e3%2FjatIQEMOQ820pNaqW5vFbUnl8lKNEjUU32oJJFyXBmOUx%2BtApS1Dgs6aY3h0pFfDqkcZS%2Fg6SssYQVNA0WdCVIgJwe8ukz7hJkBVbmNKDRKMR%2BAaqXH4r34DH%2F1pdLeHHV8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d800a46cffc4c44-MXP
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23707&sent=23&recv=11&lost=0&retrans=0&sent_bytes=16256&recv_bytes=5005&delivery_rate=568&cwnd=12000&unsent_bytes=0&cid=dab636133eb4b143&ts=451&x=1", cfExtPri, cfHdrFlush;dur=8
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
font/woff2
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
favicon.ico
nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/ 		1 KB
986 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/X911/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nrccdev.wpdrift.no/wp-content/languages/DHL/bkkl/MTTRBDFH/B.php

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fkoXlQ1GZVWigHk1xtlwbupBdu2axt730M%2BF%2Bt7ygDSy2korBK3c8JDndDnM037hDzSuBk6fBtkqrDlPONhuliVUZAcHIi1Tr29LnKhHymhXlfY4DylQlt80GY0UoPFqInIi4ME%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25121&sent=349&recv=83&lost=0&retrans=0&sent_bytes=401574&recv_bytes=8594&delivery_rate=6009640&cwnd=218400&unsent_bytes=0&cid=dab636133eb4b143&ts=720&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:09:51 GMT
content-type
image/x-icon
last-modified
Fri, 23 Feb 2024 19:17:46 GMT
vary
Accept-Encoding,User-Agent
priority
u=1,i
cache-control
max-age=2073600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d800a491b944c44-MXP
accept-ranges
bytes
content-length
325
server
cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR function| $ function| jQuery number| uidEvent object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| $jscomp boolean| __cfRLUnblockHandlers

1 Cookies

Domain/Path Name / Value
nrccdev.wpdrift.no/ Name: PHPSESSID
Value: fc46812a66f751a40fdd7a1d94435dac

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
nrccdev.wpdrift.no
panel.empowerhrtraining.com
104.129.41.4
104.17.24.14
172.67.209.11
2606:4700:3031::6815:4d92
2a04:4e42:400::649
2a04:4e42:600::485
04083fcecdd9e19b2acd1e0073437aa07c98d230f0198d7f1fd470ab220fef64
10767c80eb78566839dcfe71641b1774e8bb0c9be5aa47bfa53c8da8ada61fda
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
304213033f2a03071409043919d5d27d9847e0fb96c8433871ddcd7ad93fcb39
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
39b5e1fdc845a00e044f1d5136d4d365e319d79caae542b2abef7e9a7eb7d786
3d8458695fa1a2adb9dd9f5af4b7ab4d47727cea8df0d894a8b17218c3360052
3fbebbcc1ebf48ebe492e6080cf7c618c15b9a23d5ae6d771b0bce47ad5753eb
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038
6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
856b3f9e0df4f7061c8948021c7cc6e6263d96c48161e7fe9e4fbefd0c69a085
9749654bdfcce79bc06740ed18ce854c5bc56fd419a8d59fc590777ba942105e
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a8ec5261fc51d5b899ffe1389c916b6f33082a81dcf334bd530df8dbd10c58bb
b3b0fac842e83feb713a1c669f2cd6e45d4d1227357463d3a033274027a8d413
cb1a26a03e83c47d1bd83853e0453bb799e75531efdc3e7dec06f172fb9e3173
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d8b0c64f17fef96d35ef346f05acb617ffb26a38ed5ae986965c33364b473d9d
db3bddf54dea690aa25839265e3ba48668aa86636da378edf0eba51fcd783daa
ed1d00fbbc5778bbc5d329564d513feb299eecdda60a278e600dbd87682b842c