| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php | 45.55.112.74 | 200 OK | 2.8 kB |
URL: User Request GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: HTML document, Unicode text, UTF-8 text, with CRLF line terminators; Hash: 7ebdcd952ba314761acd86c4f7cd1e2b e5ba6635cf713cc0d58f1925791d7fe54ea6ec4b a50b2ab4fdbb1103819cbd6417ca5bdea7644abe69791220f9bab3add1f525d3
GET /canadafdxcustoms/(;fat2m.php HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:35 GMT
content-type: text/html; charset=UTF-8
content-length: 2750
set-cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js | 104.17.25.14 | 200 OK | 418 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js IP: 104.17.25.14:443
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65317); Size: 418 kB (418541 bytes); Hash: d5beb8fa265f90be5ccadd6b32b8672f 7bdc23c06b51e7e42c05de486680a3c18aa5ce5a 6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e
GET /ajax/libs/font-awesome/6.2.0/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:53:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 418541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-662ed"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 756238
expires: Mon, 14 Apr 2025 11:53:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yVNAHLcnOT6ihHV3jXPQiA7SktMWoHZjueiNA8xp19bwwdr%2FC7xBo4zRt4KzEYUeVCLcOBRIvVpLlBj9B2B8SODJF5A2PDgGEEWQUIqmA7iwnRiM514oWMQlTye%2B5350A8YwRe9h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8795e3f5a8d1568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js | 104.17.25.14 | 200 OK | 3.1 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js IP: 104.17.25.14:443
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (542); Hash: cc290e6c3aeecf5021dd82ad8df2512a fb983aecd3940e8ebbfe5e74c8099cee9223c957 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
GET /ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:53:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 3074
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-2087"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1144941
expires: Mon, 14 Apr 2025 11:53:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAUZ7%2F7Ja5T7yz7kLZrc7i00NfWobFjgOv80H2i%2BylyppAQ4s4OM88A0GrUhrRXTh12VKjoqPttgxBGeBrfJCEWDl7De6ITXEg%2BU%2BRzAAlpL0csmZUxo%2Bu7NqgbuwfOv09k2j%2Fbf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8795e3f5b8de568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js | 151.101.129.229 | 200 OK | 24 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js IP: 151.101.129.229:443
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65299); Hash: 0aa8d64e726c4a57adb5c88f9115996b 901169527507ff9e662cf64d8e361f359308970d 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: br
accept-ranges: bytes
date: Wed, 24 Apr 2024 11:53:01 GMT
age: 174164
x-served-by: cache-fra-eddf8230080-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css | 151.101.129.229 | 200 OK | 25 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css IP: 151.101.129.229:443
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: Unicode text, UTF-8 text, with very long lines (65306); Hash: abe91756d18b7cd60871a2f47c1e8192 7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
accept-ranges: bytes
date: Wed, 24 Apr 2024 11:53:01 GMT
age: 27482822
x-served-by: cache-fra-eddf8230097-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/header-icon1.png | 45.55.112.74 | 200 OK | 1.5 kB |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/header-icon1.png IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: PNG image data, 90 x 30, 8-bit/color RGB, non-interlaced; Hash: 3436b2db6c85e43ea6ea64b16f7ea65d 6713ee3c84ebb78d252c12586199116359397825 b15bab32569969289dafeba6f869b8dbc36462e013245762e398859204c946e9
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/imgs/header-icon1.png HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: image/png
content-length: 1509
last-modified: Tue, 11 Oct 2022 14:49:04 GMT
etag: "5e5-5eac3609d5800"
accept-ranges: bytes
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.1.min.js | 151.101.66.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.1.min.js IP: 151.101.66.137:443
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447); Hash: 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15e40"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 24 Apr 2024 11:53:01 GMT
age: 14576066
x-served-by: cache-lga13629-LGA, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 11, 6314
x-timer: S1713959581.174212,VS0,VE0
vary: Accept-Encoding
content-length: 30957
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/css/style.css | 45.55.112.74 | 200 OK | 1.6 kB |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/css/style.css IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: ASCII text, with very long lines (7353), with CRLF line terminators; Hash: 31c8ff5160678e1a659bc27a64afb5a0 108abc5de9f3b3c2951ae90bc6041cb2264ecf1d aa778a658627c32ef03397d637688d017bae2f88086fc2d865f75aea7b21617b
GET /canadafdxcustoms/media/css/style.css HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: text/css
content-length: 1640
last-modified: Wed, 12 Oct 2022 08:59:00 GMT
etag: "1cbb-5ead29a851d00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/css/helpers.css | 45.55.112.74 | 200 OK | 4.8 kB |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/css/helpers.css IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: ASCII text, with very long lines (41897), with CRLF line terminators; Hash: 726c60fc192383fbcf04e19677ad0959 e2e966c2b6164806392449ced617227c27d36ab8 1c7070cf33da6adcb7a6b9ff7eb6e06fd8f64958622d61569b990e8b92c58615
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/css/helpers.css HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: text/css
content-length: 4814
last-modified: Thu, 06 Oct 2022 08:31:42 GMT
etag: "a3ab-5ea5985d6f780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/arrow.png | 45.55.112.74 | 200 OK | 273 B |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/arrow.png IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: PNG image data, 14 x 8, 8-bit/color RGB, non-interlaced; Hash: c47dc7dbea172ef9f7d434411988757a 0c05ead64301cef18efa923c381be1d17a4d7a6b 5d40469bec954c9105462c4f8f808c26cb1d2d0462e78326d87a863a4bebcecd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/imgs/arrow.png HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: image/png
content-length: 273
last-modified: Tue, 11 Oct 2022 14:57:26 GMT
etag: "111-5eac37e894180"
accept-ranges: bytes
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/header-icon2.png | 45.55.112.74 | 200 OK | 1.6 kB |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/header-icon2.png IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: PNG image data, 145 x 30, 8-bit/color RGB, non-interlaced; Hash: 7a732a93510a1f0fdd956277a9e0702d 463234a0214ee950639123acce7e233fe5c6cde4 de3d55a9455a060fdc78a53b9d2726811aea908dc948f7abb9398b7c54cc6e8a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/imgs/header-icon2.png HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: image/png
content-length: 1585
last-modified: Tue, 11 Oct 2022 14:50:12 GMT
etag: "631-5eac364aaf100"
accept-ranges: bytes
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/header-icon3.png | 45.55.112.74 | 200 OK | 1.1 kB |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/header-icon3.png IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: PNG image data, 85 x 30, 8-bit/color RGB, non-interlaced; Hash: 8edda5f012bef8bc49afdb89cc60fbe1 4343c179508222d02be6868f4bdc89a6bd00a6df eff30400f0ba5f66b1295396f200ae94cac23bbcf9960dce5b67c3d699c73c31
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/imgs/header-icon3.png HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: image/png
content-length: 1101
last-modified: Tue, 11 Oct 2022 14:50:58 GMT
etag: "44d-5eac36768d880"
accept-ranges: bytes
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/dots.png | 45.55.112.74 | 200 OK | 262 B |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/dots.png IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: PNG image data, 6 x 20, 8-bit/color RGB, non-interlaced; Hash: ce40d9cf16ff0cd7b97abfea2262d01c 021f63f0141a434694ab095fd463a1a06f8f1bda 8748e92ec190b17bed52570d5c87ceee3a44111d16cbd66589d40fddd1b05cb0
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/imgs/dots.png HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: image/png
content-length: 262
last-modified: Tue, 11 Oct 2022 20:51:16 GMT
etag: "106-5eac86ff15900"
accept-ranges: bytes
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/icon1.png | 45.55.112.74 | 200 OK | 675 B |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/icon1.png IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced; Hash: 52503e7b34576b51efe259265d46fcf2 84955a0a3851d194dae9a35942cf735f1ab789f0 22aaf60f91fb5f783db0afc52aca0fbb6c0ed42afef3949c6885d75242146e60
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/imgs/icon1.png HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: image/png
content-length: 675
last-modified: Tue, 11 Oct 2022 14:51:36 GMT
etag: "2a3-5eac369acae00"
accept-ranges: bytes
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/icon3.png | 45.55.112.74 | 200 OK | 616 B |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/icon3.png IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: PNG image data, 24 x 24, 8-bit/color RGB, non-interlaced; Hash: 9629ded10baaa38c2f16249d31534c17 81c6238bd75d0b51372d645c6e7e524c93602d7f 7ebc82abf1efe7ae7aac40c8f4f493bf7eada63384f66073ed1024069233b7ae
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/imgs/icon3.png HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: image/png
content-length: 616
last-modified: Tue, 11 Oct 2022 14:52:34 GMT
etag: "268-5eac36d21b080"
accept-ranges: bytes
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/logo.png | 45.55.112.74 | 200 OK | 18 kB |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/logo.png IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: PNG image data, 176 x 50, 8-bit/color RGBA, non-interlaced; Hash: f9f3a4bf508eec8270bf7c8fe4397384 8b47c45b41e159b9dc2d6fe563b1197bd2a3ec16 99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/imgs/logo.png HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: image/png
content-length: 17964
last-modified: Tue, 11 Oct 2022 14:48:18 GMT
etag: "462c-5eac35ddf7080"
accept-ranges: bytes
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/js/js.js | 45.55.112.74 | 200 OK | 199 B |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/js/js.js IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators; Hash: 19b21a2bc54e98f8ddd9251812a5940f e358391328bf826c640d35f4a4c15879346c3c30 f6ecae9999b4d4c78226a09e14df1c6ec8bcdf3473377d4e49327e6c9b6b957c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/js/js.js HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: application/javascript
content-length: 199
last-modified: Tue, 11 Oct 2022 22:22:36 GMT
etag: "1f0-5eac9b6938300-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/social.png | 45.55.112.74 | 200 OK | 1.6 kB |
URL: GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/social.png IP: 45.55.112.74:443 ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Certificate: Issuer: Let's Encrypt; Subject: codeanyapp.com; Fingerprint: DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD; Validity: Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type: PNG image data, 150 x 30, 8-bit/color RGB, non-interlaced; Hash: 13759fb2c6cbee7dd5cb0e75a1c4f9f8 e510b10fede08b92a4cd47a63fdb9460fd7fed08 08e0af481673473e20d15a3e7d688a006670412bd28ae67105af1bd9e5f09256
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/imgs/social.png HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:36 GMT
content-type: image/png
content-length: 1638
last-modified: Tue, 11 Oct 2022 14:53:22 GMT
etag: "666-5eac36ffe1c80"
accept-ranges: bytes
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.163:443
Requested by https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fedex-eservices2024com638597.codeanyapp.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 08:04:32 GMT
expires: Wed, 23 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 100109
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/ff.ico | 45.55.112.74 | 200 OK | 5.4 kB |
URL GET HTTP/2 fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/media/imgs/ff.ico IP 45.55.112.74:443 ASN #14061 DIGITALOCEAN-ASN
Requested by https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php Certificate Issuer Let's Encrypt Subject codeanyapp.com Fingerprint DF:F1:05:0B:4D:01:A4:04:2E:1F:4B:2B:BE:14:39:08:2D:AA:4C:AD Validity Fri, 19 Apr 2024 07:22:36 GMT - Thu, 18 Jul 2024 07:22:35 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hash a53129769d15f251d4e5c5cb966765b4 043d6a7b9cca5d05aba04fc0a3f4527e3ad075e0 eab1b9a0ef942d84e3a8ed8c3e3996acb7a46af9a0b9f914ced662bcbe0e54be
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - FedEx |
GET /canadafdxcustoms/media/imgs/ff.ico HTTP/1.1
Host: fedex-eservices2024com638597.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php
Cookie: PHPSESSID=fnladbm2n8iitvsjrpg4oi9kuv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 11:09:37 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
last-modified: Tue, 11 Oct 2022 15:14:38 GMT
etag: "1536-5eac3bc0c5380"
accept-ranges: bytes
securitas_enable_typing_info:
securitas_autorized_country: fr
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap | 142.250.74.106 | 200 OK | 29 kB |
URL GET HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap IP 142.250.74.106:443
Requested by https://fedex-eservices2024com638597.codeanyapp.com/canadafdxcustoms/(;fat2m.php Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 Validity Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type ASCII text, with very long lines (1572) Hash 3b3a4c3f168d62a6ed57d0128ed376ed 3f48ac47817c6c52bd975297be3c03ffe38513a8 90787ca0e77942034765d1f69eff786ed8fbb616ed49ba6fbc8e9f56207c579e
GET /css2?family=Open+Sans:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fedex-eservices2024com638597.codeanyapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 11:53:01 GMT
date: Wed, 24 Apr 2024 11:53:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|