📌 PoC Capture Page — F047 CORS PII Exfiltration Chain
Hosted at dpd.co.uk.flamez.cc — passes .includes("dpd.co.uk") bypass. Victim authenticated on DPD then redirected here.
Referrer (proves origin from DPD login):
CORS Fetch — apis.login.dpd.co.uk/session (email + uid):
fetching...
CORS Fetch — apis.profiles.dpd.co.uk/addressbook (name, phone, home address):
fetching...
CORS Fetch — apis.send.dpd.co.uk/auth/session (basketId):
fetching...
Exfiltration payload (sent to /log via sendBeacon):
building...
URL received / Cookies (JS-visible):