Report - reurl.cc/OEGZ8D

Report Overview

Submitted URL
reurl.cc/OEGZ8D
IP
35.185.130.121
ASN
#15169 GOOGLE
Submitted
2022-11-29 06:56:31
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - FedEx

Detections

urlquery
12
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	6.5 kB	142.250.74.42
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
reurl.cc	115186	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	1.7 kB	35.185.130.121
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.35
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.77.40
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	29 kB	31.13.72.12
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.8 kB	343 kB	216.58.207.195
www.fedex.com	8412	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	5.9 kB	23.72.139.74
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	455 B	15 kB	142.250.74.10
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
kadyhair.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	316 kB	162.251.85.204
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.174
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	578 B	349 B	31.13.72.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/cc.js	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css(1)	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/altair_admin_common.min.js	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js(1)	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/components_notifications.min.js	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css2	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/login_page.min.js	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css(2)	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/moment.min.js	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/Raleway-Medium.ttf	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/jquery.min.js	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js(1)	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/files/fonts/Delivery_W_Rg.woff	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/files/fonts/Delivery_W_Rg.woff	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/common.min.js	Phishing
2022-11-29	medium	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit_custom.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/common.min.js	261 kB	2023-03-07	2024-01-02
Pretty URL kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/common.min.js IP 162.251.85.204 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-01-02 14:13:26 Times Seen9 Hash d72ad4ab7ba9bd8d9ec28905c19c4fa8 20214b911b2ccdcc17f2fbc4ee8f4ab9eb652596 ec51c88eee284caa605c52f6949ee54e072d9de79da2749f06b19aaf07bf1ea7 Loading...

	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php	81 B	2023-03-07	2023-06-15
Pretty URL kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php IP 162.251.85.204 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2023-06-15 13:54:22 Times Seen4 Hash 9fe771531ad2f0fce216a0150cd0d331 2e65b3df213f5d6876bbf9503d5ff6ea5ca3e85a f38bf209f7debebf087e76969c01508d30dc86c68ea36c2c0f783b903d6d0a43 Loading...

	reurl.cc/javascripts/ga.js	368 B	2023-03-07	2023-10-01
Pretty URL reurl.cc/javascripts/ga.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:39:12 Last Seen2023-10-01 02:49:59 Times Seen15 Hash 0a120f46798be153c7e35d2079611553 0eacad1ecb25762b666080939a7e851809fb02bd fe7f57fde36dcc853aa6efe2b520aedf611b6f1fe3617d2f184d1b2470255185 Loading...

	connect.facebook.net/signals/config/1675200226052423?v=2.9.89&r=stable	26 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/1675200226052423?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:22 Last Seen2023-03-11 22:18:22 Times Seen1 Hash 3342ce5f81c85036d10d55be4baa3d80 02451075aa9690752d0b406f5fc4586f446dbda7 31d921ce74d549936eca0f8eed4ac7f9bb28440f60bcf117dd97d4c333ddf34b Loading...

	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/jquery.min.js	88 kB	2023-03-07	2024-04-23
Pretty URL kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/jquery.min.js IP 162.251.85.204 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2024-04-23 11:18:50 Times Seen8435 Hash 2f772fed444d5489079f275bd01e26cc a8927ac2830b2fdd4a729eb0eb7f80923539ceb9 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a Loading...

	ajax.googleapis.com/ajax/libs/webfont/1/webfont.js	13 kB	2023-03-07	2024-04-23
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1/webfont.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-04-23 00:25:36 Times Seen22351 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	reurl.cc/javascripts/redirect.js	112 B	2023-03-07	2024-04-18
Pretty URL reurl.cc/javascripts/redirect.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:39:12 Last Seen2024-04-18 08:53:21 Times Seen101 Hash b8d1b83cdeb3fc39033d345ee45fdea0 4bb7e64cd67345e8e60613c2f6c45c096706854f 0a01cd2c51200f878b658e08c0f37b095cb3ed34e61133f377632b29df9abdaa Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit_custom.min.js	102 kB	2023-03-07	2024-04-07
Pretty URL kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit_custom.min.js IP 162.251.85.204 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-04-07 11:22:32 Times Seen106 Hash c0babb05a13d5ac04d289109005b44a8 8ab1732332dfd905d352902a3bd63e53e026caea efdd9955251770a695d41d2a169ea02848aac2a346f5b3b90d9de7c3e8d36e23 Loading...

	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/cc.js	4.7 kB	2023-03-07	2023-06-15
Pretty URL kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/cc.js IP 162.251.85.204 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2023-06-15 13:54:22 Times Seen4 Hash c5d1cd905ec0213767c05d316b65614f fa1d4542b985638783aa09324223260a142dd8ff 18c45b27dc545199f21f7c0f483615a313171f6bdbdd78aac76d5042b2c7f3a5 Loading...

	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php	627 B	2023-03-07	2024-04-04
Pretty URL kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php IP 162.251.85.204 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-04-04 07:02:14 Times Seen57 Hash b201513c0278ec41ea7c5ef6a9e8d49b 01f1e02e4a0c5af5508af3ffc0123e4e5fb70b88 d9a6b10b1adfe406ab10beb680272365118f84d0db848ece0cc31a281f279402 Loading...

	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/components_notifications.min.js	1.1 kB	2023-03-07	2024-04-07
Pretty URL kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/components_notifications.min.js IP 162.251.85.204 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-04-07 11:22:32 Times Seen151 Hash b627c2a2eb3ed44bdaa291d0fc898316 03e1542cffbd078f0a21ad83ad589ce1679009cc d136e8ae0ac9b54bac28578861fac37ad93bd89b14d253e7d9f4a51609858537 Loading...

	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/login_page.min.js	3.4 kB	2023-03-07	2023-06-15
Pretty URL kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/login_page.min.js IP 162.251.85.204 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2023-06-15 13:54:22 Times Seen6 Hash cd4f006d14a8e8b29311a7102348331c 83b357f8bdc3168c36fcfc3466b507f7018b4f3e 89c741e92104a65004dc19744c5c02d4f07a711f9f07a5edcc4c9af69df7ff36 Loading...

	reurl.cc/javascripts/pixel.js	429 B	2023-03-07	2024-04-18
Pretty URL reurl.cc/javascripts/pixel.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:39:12 Last Seen2024-04-18 08:53:21 Times Seen135 Hash 8db606ffbc89a5a15fab90b7aeb7a2e7 1ccf32ca6dbb1fdbc1b049246c08e9e5ddb8bf6f 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698 Loading...

	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/altair_admin_common.min.js	23 kB	2023-03-07	2024-04-07
Pretty URL kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/altair_admin_common.min.js IP 162.251.85.204 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-04-07 11:22:32 Times Seen171 Hash 834d2ecce9a8cc7dba36d273de52b28a a605a1843810a676f6018c8a0072de08b05b7ef5 523eb9b6af99c2488af8dcd1a5cd648902c24b4981195b0d0b9f3cdaa2fd3b7f Loading...

	kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/moment.min.js	37 kB	2023-03-07	2023-06-15
Pretty URL kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/moment.min.js IP 162.251.85.204 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2023-06-15 13:54:22 Times Seen6 Hash b188268d8a35ef91287c9ee728c0f9fa 75f39baa97cd760a43ac0895c05c1e157e2e3008 f8e01cc73630038f7f129308fe46b90eace144617dfd033f24dff397ab9a8cfa Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

HTTP Transactions (89)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4019
Expires: Tue, 29 Nov 2022 08:03:19 GMT
Date: Tue, 29 Nov 2022 06:56:20 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5565
Cache-Control: max-age=104866
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:20 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:04:06 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9639
Expires: Tue, 29 Nov 2022 09:36:59 GMT
Date: Tue, 29 Nov 2022 06:56:20 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: rk8420aHGTvyen5i9aIqlNFDbqqaa2BxzCGl1YGE+MVBHuhRKkbJ0bnyfrxYVCPcDKFmk9PDnts=
x-amz-request-id: M8ATQWX3M0TK4KK4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 06:42:24 GMT
age: 836
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 06:19:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2204
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 06:56:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

reurl.cc/OEGZ8D

35.185.130.121

301 Moved Permanently

178 B

URL HTTP/1.1
reurl.cc/OEGZ8D
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b

HTTP Headers

GET /OEGZ8D HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 29 Nov 2022 06:56:20 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://reurl.cc/OEGZ8D

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 06:08:56 GMT
cache-control: public,max-age=3600
age: 2845
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1648
Cache-Control: max-age=95882
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:21 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 09:34:23 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7cccdc83b2fee3375f6dc3df0d3c00c2
7a039706b18522a0a5c39a723a74d8ab27321049
7f164b8adfc9f4295f5c4dcbadf81789f35b761bbef7dcb7936a994826ce4984

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F164B8ADFC9F4295F5C4DCBADF81789F35B761BBEF7DCB7936A994826CE4984"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16202
Expires: Tue, 29 Nov 2022 11:26:23 GMT
Date: Tue, 29 Nov 2022 06:56:21 GMT
Connection: keep-alive

push.services.mozilla.com/

54.148.77.40

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.77.40:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lgEbVk0Zkby3coMIdrmeQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wHqxTiOWePgtY15mWbQIZq19vxA=

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3520
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:22 GMT
Last-Modified: Tue, 29 Nov 2022 05:57:42 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: B7smKpLGGafS+fyeIj+ug3ielwpL9Z1rDwGqsPAO7GCUDRy74hxLCP99nzw+KHwqyOxDbeFQjN/CD/9+kTljsA==
content-length: 27340
x-fb-trip-id: 1904183273
date: Tue, 29 Nov 2022 06:56:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3520
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:22 GMT
Last-Modified: Tue, 29 Nov 2022 05:57:42 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 06:41:08 GMT
expires: Tue, 29 Nov 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 914
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j98&a=1782509300&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FOEGZ8D&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=2004070641&gjid=308636923&cid=1782687931.1669704981&tid=UA-102456694-1&_gid=1821411722.1669704981&_r=1&_slc=1&z=614771023

142.250.74.174

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1782509300&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FOEGZ8D&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=2004070641&gjid=308636923&cid=1782687931.1669704981&tid=UA-102456694-1&_gid=1821411722.1669704981&_r=1&_slc=1&z=614771023
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j98&a=1782509300&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FOEGZ8D&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=2004070641&gjid=308636923&cid=1782687931.1669704981&tid=UA-102456694-1&_gid=1821411722.1669704981&_r=1&_slc=1&z=614771023 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://reurl.cc
date: Tue, 29 Nov 2022 06:56:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FOEGZ8D&rl=&if=false&ts=1669704981347&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669704981346.604056036&it=1669704981306&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FOEGZ8D&rl=&if=false&ts=1669704981347&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669704981346.604056036&it=1669704981306&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FOEGZ8D&rl=&if=false&ts=1669704981347&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669704981346.604056036&it=1669704981306&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Nov 2022 06:56:22 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc42b30afd37dca63ea9e912403f03b6
37c9979ec382d4f2b4296e9f0e73fc698a9839bb
123643c0413afae269ff4e5d6c98d11d71ceeb25e56181a6339fbe789e6fe104

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "123643C0413AFAE269FF4E5D6C98D11D71CEEB25E56181A6339FBE789E6FE104"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 29 Nov 2022 12:56:22 GMT
Date: Tue, 29 Nov 2022 06:56:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8170
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 06:56:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8170
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 06:56:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8170
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 06:56:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:38:02 GMT
age: 83900
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8170
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 06:56:22 GMT
Connection: keep-alive

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8402 bytes)
Hash
faf3524970b0c3256eb5708f4ccf11ce
47295f2cf1b039c4b85cbe463d7893671a563989
ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8402
x-amzn-requestid: d2d62f85-b6be-4394-9668-1d913e4120d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYeaGbgoAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d45c-2b6bfdcc72011cf01ddbd66b;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1il1ILDPBUseZWYjae_R0BQhpdyPTqqI0GycCljovgxjqhYezCwxCA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:17:21 GMT
age: 9541
etag: "47295f2cf1b039c4b85cbe463d7893671a563989"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9162 bytes)
Hash
c808183085a429c53515508678fc7ab2
6567069d9f5199205ba1ca7a937fcb0a52f95d06
c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9162
x-amzn-requestid: f7fb3b99-6f1c-4ab3-9547-a337d54e8c9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVjI8E9poAMFaQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63854bd2-0679b83d1aa3b7c71aa6bf1c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 00:01:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DVS-FTO93p2gjrvMYzKgNjZmrPxmUuiJHWLuZqOMZzJFwEcWJbW35Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 00:36:14 GMT
etag: "6567069d9f5199205ba1ca7a937fcb0a52f95d06"
content-type: image/jpeg
age: 22808
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9fRfgj9_S00P8fI_T-tVt7khJ1kYZux_55K_yLYUsiyVEoiWRM9QAw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:07:26 GMT
age: 31736
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8921 bytes)
Hash
823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ivu6pzZ6dbt3I4tuFMg4oHcuPVdyNS-F3k_lQdmKoXFkdCfSseAEwQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 32967
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6037 bytes)
Hash
b5e2bc1651b37b8e0467c2a6cb860fb3
3348f081a3357490a704592d105d02e81886df89
751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NqtaziEIRl6auIGehos7TAJfBAY3CtGJX0vC-pWhjs377L_rEyM6hg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 10:14:18 GMT
age: 74524
etag: "3348f081a3357490a704592d105d02e81886df89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup

162.251.85.204

301 Moved Permanently

286 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
286 B (286 bytes)
Hash
2e876c804b91d9702b46a80c2f4fc564
9cf68a47f84c26688656f93cac8dd5519f03ff79
f2708e44eb03399042402964016ab99178c1264bbe7d8af109be61c687c62998

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Tue, 29 Nov 2022 06:56:22 GMT
server: Apache
content-type: text/html; charset=iso-8859-1
content-length: 286
location: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js

162.251.85.204

404 Not Found

358 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
358 B (358 bytes)
Hash
e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
last-modified: Fri, 18 Mar 2022 10:36:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
content-type: text/html
date: Tue, 29 Nov 2022 06:56:24 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/cc.js

162.251.85.204

200 OK

1.8 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/cc.js
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (320), with CRLF line terminators
Size
1.8 kB (1771 bytes)
Hash
9b4e8bffaa75046ca2ec51b8a7c448c5
cc7eef0c78146e0e86f24087bb70b768dc9088c7
f0aeee635155694d787d1bc51ddb16e5b8de35b78459096a5b1d62a86329b8f3

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/cc.js HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1771
content-type: application/javascript
date: Tue, 29 Nov 2022 06:56:24 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css(1)

162.251.85.204

200 OK

16 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css(1)
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
16 kB (16267 bytes)
Hash
f24a16efed7b4d060aa639a86bf9aaa0
095befbf49a23e215bf21d27646797470e5a8dc4
59695618c346e1e4a719d56f145686a2273c4248271fe58322b59dcbc5ac7e91

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css(1) HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 06:56:24 GMT
server: Apache
content-length: 16267
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/altair_admin_common.min.js

162.251.85.204

200 OK

7.7 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/altair_admin_common.min.js
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (23095), with no line terminators
Size
7.7 kB (7695 bytes)
Hash
7d65d46f45201aac29576281b2c585ed
5fc9c86d2a6143da2a214b586789d4f1ad7fe6c0
63c069b2aec8b864da9b8147b279e9945bec61b4aec1bb9ed0d69ba378443e97

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/altair_admin_common.min.js HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7695
content-type: application/javascript
date: Tue, 29 Nov 2022 06:56:25 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js(1)

162.251.85.204

404 Not Found

358 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js(1)
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
358 B (358 bytes)
Hash
e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js(1) HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
last-modified: Fri, 18 Mar 2022 10:36:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
content-type: text/html
date: Tue, 29 Nov 2022 06:56:25 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/components_notifications.min.js

162.251.85.204

200 OK

494 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/components_notifications.min.js
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1137), with no line terminators
Size
494 B (494 bytes)
Hash
617f2f4d264e901d754f6c3c5f41fc0a
9867c68b4fcb2408401293a368de2669c101e685
4f03904849e0552b32fdc061eee9b7b3ae8a4aa7407c8e5ea4eda3b6e996caab

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/components_notifications.min.js HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 494
content-type: application/javascript
date: Tue, 29 Nov 2022 06:56:25 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css

162.251.85.204

404 Not Found

358 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
358 B (358 bytes)
Hash
e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Tue, 29 Nov 2022 06:56:24 GMT
server: Apache
content-type: text/html
content-length: 358
last-modified: Fri, 18 Mar 2022 10:36:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css2

162.251.85.204

200 OK

1.8 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css2
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
1.8 kB (1753 bytes)
Hash
ed804a7bc1b72b0ac809a4acee5e4548
e2b640d7e26aec62bd6d4540c687b966443d2c19
f2821108cc29cdc65f034de1d3912f61ae741a1538c57f6fe608fcba64b29d0e

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css2 HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 06:56:24 GMT
server: Apache
content-length: 1753
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/login_page.min.js

162.251.85.204

200 OK

1.3 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/login_page.min.js
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (3435), with no line terminators
Size
1.3 kB (1282 bytes)
Hash
25162e67c96ef7c96499cb5b275866b2
d3bbd93600c85fc2916cba9185f2915340b8f3c2
1bec95204224e8cdc1f765e1a7e8809e634904d415f0e588a3e5ceb2df502a38

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/login_page.min.js HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1282
content-type: application/javascript
date: Tue, 29 Nov 2022 06:56:25 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css(2)

162.251.85.204

200 OK

14 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css(2)
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
14 kB (13915 bytes)
Hash
e70639435b5fee4c363dddaaf20343cc
776cd9749cf21acf4fa70eceef7b311fc7009ba7
5c970e670a1654bc7a5cc49119664f037c1f02551545e7edafca6d01bedbb32c

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/css(2) HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 06:56:25 GMT
server: Apache
content-length: 13915
last-modified: Tue, 05 Oct 2021 14:46:34 GMT
accept-ranges: bytes
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/moment.min.js

162.251.85.204

200 OK

16 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/moment.min.js
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (32005)
Size
16 kB (15603 bytes)
Hash
f2dd9a7fc7b1fa5943dcfd58040eb593
eb6b3c2a3c6ff45d260d709ad6d0956a79d5cc1f
9fca9420afc8b808f29a64ddb7c7018796d84671e381f634a16c7f2acfec403f

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/moment.min.js HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15603
content-type: application/javascript
date: Tue, 29 Nov 2022 06:56:25 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/Raleway-Medium.ttf

162.251.85.204

200 OK

174 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/Raleway-Medium.ttf
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
TrueType Font data, 16 tables, 1st "GPOS", 17 names, Microsoft, language 0x409, Copyright (c) 2010 - 2013, Matt McInerney (matt@pixelspread.com), Pablo Impallari (impallari@gma\012- data
Size
174 kB (174028 bytes)
Hash
bb5ae98e4ce1a64042093dc235c305ed
0c8681407d5de2de363187e7911e790d34d808c1
67544b051079d750900856631013bb2c59da3b92ef45a8eeacb04ffa03ca48a8

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/Raleway-Medium.ttf HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 06:56:24 GMT
server: Apache
content-type: font/ttf
content-length: 174028
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/logo.png

162.251.85.204

200 OK

18 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/logo.png
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 176 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17964 bytes)
Hash
f9f3a4bf508eec8270bf7c8fe4397384
8b47c45b41e159b9dc2d6fe563b1197bd2a3ec16
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/logo.png HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
content-length: 17964
content-type: image/png
date: Tue, 29 Nov 2022 06:56:25 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/fdx.png

162.251.85.204

200 OK

14 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/fdx.png
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 761 x 414, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14103 bytes)
Hash
f7fa2da66257d0eb041d9b07501c05f0
7d1a8cd28f0cdf0197594dce051abb56e3ea2b0c
beaa4df496396992d3476abcb4c407528adb2f833c46ed9d8325c17270709424

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/fdx.png HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
content-length: 14103
content-type: image/png
date: Tue, 29 Nov 2022 06:56:25 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/jquery.min.js

162.251.85.204

200 OK

39 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/jquery.min.js
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
39 kB (39026 bytes)
Hash
1ee5449f28b8166c9791d08cd49bee9b
92843712ae10cd2b4e049f199f61053f1aebeae3
568a3f056fd90158756c8fc0758c2694c93524a41cae3ff4fc325859cd2f28a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/jquery.min.js HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Tue, 29 Nov 2022 06:56:24 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js(1)

162.251.85.204

404 Not Found

358 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js(1)
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
358 B (358 bytes)
Hash
e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/webfont.js(1) HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
last-modified: Fri, 18 Mar 2022 10:36:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
content-type: text/html
date: Tue, 29 Nov 2022 06:56:26 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/

162.251.85.204

302 Found

378 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
378 B (378 bytes)
Hash
be61690d3030f3906818da8e5e00799b
1e9af7b38fa6da038b36d61792f77603b137a115
a4d15fe1cdda9d62b6a71f6d20c355d8a54775f62f1133d153c5f3a5d6057b10

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/ HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reurl.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Tue, 29 Nov 2022 06:56:23 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
location: details.php
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2

216.58.207.195

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20584, version 1.0\012- data
Size
21 kB (20584 bytes)
Hash
b7308b1e85c5213c9bee19efe3be9813
f4e534653a58693c144d571004f707778f53c6dd
789a571212627c10c632c3d95f8bd02ee0efee27ca3a7e0212de6ef8dca489e7

HTTP Headers

GET /s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 22:48:57 GMT
expires: Thu, 23 Nov 2023 22:48:57 GMT
cache-control: public, max-age=31536000
age: 461249
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8853e60b05a663377ca2eaae75a92350
1f287ee457d736dc78c4131963bfdd0a7739e22f
7ac677a2631c2bf851d53302f358effdbd153eb8972684b6a8a60375fccaa823

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=109352
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:26 GMT
Etag: "6384b542-1d7"
Expires: Wed, 30 Nov 2022 13:18:58 GMT
Last-Modified: Mon, 28 Nov 2022 13:18:58 GMT
Server: nginx
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/files/fonts/Delivery_W_Rg.woff

162.251.85.204

404 Not Found

358 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/files/fonts/Delivery_W_Rg.woff
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
358 B (358 bytes)
Hash
e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/files/fonts/Delivery_W_Rg.woff HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/login_page.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
last-modified: Fri, 18 Mar 2022 10:36:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
content-type: text/html
date: Tue, 29 Nov 2022 06:56:26 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php

162.251.85.204

200 OK

3.0 kB

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
data
Size
3.0 kB (2977 bytes)
Hash
a8a34f91f06bc6035129a5028cae5ffd
88bde8bb6b1c7875a9e27c59176d162605b436a4
ff0200e15d739bbcddc83861a4fbf097744ad09b836cec40179f98146998ebb0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reurl.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 06:56:24 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8853e60b05a663377ca2eaae75a92350
1f287ee457d736dc78c4131963bfdd0a7739e22f
7ac677a2631c2bf851d53302f358effdbd153eb8972684b6a8a60375fccaa823

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=109352
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:26 GMT
Etag: "6384b542-1d7"
Expires: Wed, 30 Nov 2022 13:18:58 GMT
Last-Modified: Mon, 28 Nov 2022 13:18:58 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/files/fonts/Delivery_W_Rg.woff

162.251.85.204

404 Not Found

358 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/files/fonts/Delivery_W_Rg.woff
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
358 B (358 bytes)
Hash
e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/files/fonts/Delivery_W_Rg.woff HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit.almost-flat.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
last-modified: Fri, 18 Mar 2022 10:36:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
content-type: text/html
date: Tue, 29 Nov 2022 06:56:26 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

142.250.74.42

200 OK

5.4 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2134)
Size
5.4 kB (5437 bytes)
Hash
30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b

HTTP Headers

GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:34:16 GMT
expires: Wed, 22 Nov 2023 18:34:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 562930
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 06:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.fedex.com/etc.clientlibs/designs/fedex-common/images/resources/fx-favicon.ico

23.72.139.74

200 OK

5.4 kB

URL HTTP/1.1
www.fedex.com/etc.clientlibs/designs/fedex-common/images/resources/fx-favicon.ico
IP
23.72.139.74:0
ASN
#20940 Akamai International B.V.

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
5.4 kB (5430 bytes)
Hash
a53129769d15f251d4e5c5cb966765b4
043d6a7b9cca5d05aba04fc0a3f4527e3ad075e0
eab1b9a0ef942d84e3a8ed8c3e3996acb7a46af9a0b9f914ced662bcbe0e54be

HTTP Headers

GET /etc.clientlibs/designs/fedex-common/images/resources/fx-favicon.ico HTTP/1.1
Host: www.fedex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Apache/2.4
X-Frame-Options: SAMEORIGIN
Last-Modified: Sun, 27 Nov 2022 20:52:31 GMT
Accept-Ranges: bytes
Content-Length: 5430
Content-Type: image/x-icon
Access-Control-Allow-Credentials: true
Referrer-Policy: no-referrer-when-downgrade
Cache-Control: max-age=33061
Expires: Tue, 29 Nov 2022 16:07:27 GMT
Date: Tue, 29 Nov 2022 06:56:26 GMT
Connection: keep-alive
Set-Cookie: Rbt=f0; path=/

fonts.gstatic.com/s/sourcecodepro/v11/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

216.58.207.195

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/sourcecodepro/v11/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14172, version 1.0\012- data
Size
14 kB (14172 bytes)
Hash
982234eca7d717dd9784d15519ece2f8
fcb1fd93f8ead84854734b3b95ce850e93dae700
659ff6b596a7ddb648cd65a5429893be655629c0d36a7703817a63a0870ec020

HTTP Headers

GET /s/sourcecodepro/v11/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:32:53 GMT
expires: Thu, 23 Nov 2023 19:32:53 GMT
cache-control: public, max-age=31536000
age: 473014
last-modified: Thu, 22 Aug 2019 20:44:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcecodepro/v14/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

216.58.207.195

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/sourcecodepro/v14/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13764, version 1.0\012- data
Size
14 kB (13764 bytes)
Hash
81a1b0e19b36b631642fb3d0b25e021e
323cd515dde6daaf4d502d4a0509de006a6c603c
4fa06b00a08b094490e4af510172ac96fe28039dfc5aac26c439e2e0232c9cc7

HTTP Headers

GET /s/sourcecodepro/v14/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:36:07 GMT
expires: Fri, 24 Nov 2023 21:36:07 GMT
cache-control: public, max-age=31536000
age: 379220
last-modified: Wed, 24 Mar 2021 17:50:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcecodepro/v22/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

216.58.207.195

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/sourcecodepro/v22/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19680, version 1.0\012- data
Size
20 kB (19680 bytes)
Hash
0628e64d7cdd00a4c6c41b7554ecf8b1
0dee04b143193572e8421021f5fe03b006fa4530
1c2e64053b56afdcc933af75555920cf89c08b8ca04961f4815abdbd0bdcdbc3

HTTP Headers

GET /s/sourcecodepro/v22/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19680
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 00:16:47 GMT
expires: Thu, 23 Nov 2023 00:16:47 GMT
cache-control: public, max-age=31536000
age: 542380
last-modified: Tue, 23 Aug 2022 18:25:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Code+Pro:400,700%7CRoboto:400,300,500,700,400italic&subset=latin,latin

142.250.74.10

200 OK

14 kB

URL HTTP/2
fonts.googleapis.com/css?family=Source+Code+Pro:400,700%7CRoboto:400,300,500,700,400italic&subset=latin,latin
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (14458 bytes)
Hash
2bca15369ad1f0a89de5363fffcd3c9f
8e7d1f34eb9cae195f779067d26839f35b3d3f9a
9dc5bdf7fa8f5d1b3ba2bed032dd832a353b791639691ced2e26e7b0d991fdd7

HTTP Headers

GET /css?family=Source+Code+Pro:400,700%7CRoboto:400,300,500,700,400italic&subset=latin,latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 06:56:27 GMT
date: Tue, 29 Nov 2022 06:56:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Size
16 kB (15736 bytes)
Hash
479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

HTTP Headers

GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:22:19 GMT
expires: Thu, 23 Nov 2023 18:22:19 GMT
cache-control: public, max-age=31536000
age: 477248
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15688, version 1.0\012- data
Size
16 kB (15688 bytes)
Hash
aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

HTTP Headers

GET /s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 10:09:16 GMT
expires: Wed, 22 Nov 2023 10:09:16 GMT
cache-control: public, max-age=31536000
age: 593231
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15784, version 1.0\012- data
Size
16 kB (15784 bytes)
Hash
ef7c6637c68f269a882e73bcb57a7f6a
65025b0cedc3b795c87ad050443c09081d1a8581
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

HTTP Headers

GET /s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 20:21:50 GMT
expires: Mon, 27 Nov 2023 20:21:50 GMT
cache-control: public, max-age=31536000
age: 124477
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 472939
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15732, version 1.0\012- data
Size
16 kB (15732 bytes)
Hash
80fe119e5efa3911b9d61b265f723b3d
34f751a1b1a0c1c0b5264b99f490e689db939657
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

HTTP Headers

GET /s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15732
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 08:33:07 GMT
expires: Thu, 23 Nov 2023 08:33:07 GMT
cache-control: public, max-age=31536000
age: 512600
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 472926
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15872, version 1.0\012- data
Size
16 kB (15872 bytes)
Hash
020c97dc8e0463259c2f9df929bb0c69
8f956a31154047d1b6527b63db2ecf0f3a463f24
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

HTTP Headers

GET /s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:43:06 GMT
expires: Fri, 24 Nov 2023 05:43:06 GMT
cache-control: public, max-age=31536000
age: 436401
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
f00e7e4432f7c70d8c97efbe2c50d43b
d836c7d4bc52bcd67626b8960ae030ad315c2507
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

HTTP Headers

GET /s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 01:29:35 GMT
expires: Sun, 26 Nov 2023 01:29:35 GMT
cache-control: public, max-age=31536000
age: 278812
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 492535
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Size
16 kB (15816 bytes)
Hash
2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

HTTP Headers

GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:11:43 GMT
expires: Sun, 26 Nov 2023 21:11:43 GMT
cache-control: public, max-age=31536000
age: 207884
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15828, version 1.0\012- data
Size
16 kB (15828 bytes)
Hash
bf28241e67511184c14dbd0ef7d39f91
c706e0a4122ab727645b744c21667390e8898a4d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

HTTP Headers

GET /s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:47:10 GMT
expires: Wed, 29 Nov 2023 05:47:10 GMT
cache-control: public, max-age=31536000
age: 4157
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 475358
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17324, version 1.0\012- data
Size
17 kB (17324 bytes)
Hash
51521a2a8da71e50d871ac6fd2187e87
f94000b9ce048908c52269b3705e251a50c6979e
401e6c25801ba2d59795d05a6dd973f95566b41070d3939ba9307d65860ae50e

HTTP Headers

GET /s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 01:46:43 GMT
expires: Sun, 26 Nov 2023 01:46:43 GMT
cache-control: public, max-age=31536000
age: 277784
last-modified: Wed, 24 Jul 2019 01:19:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17304, version 1.0\012- data
Size
17 kB (17304 bytes)
Hash
0bd48206165307e9ae7b2e20f7ed55ca
af097f3155ad953db0254a2da254a41c09fff18d
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

HTTP Headers

GET /s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:14:45 GMT
expires: Sun, 26 Nov 2023 21:14:45 GMT
cache-control: public, max-age=31536000
age: 207702
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size
17 kB (17368 bytes)
Hash
abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

HTTP Headers

GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:56:18 GMT
expires: Thu, 23 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 475209
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcecodepro/v11/HI_XiYsKILxRpg3hIP6sJ7fM7Pqths7Ds-cq.woff2

216.58.207.195

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/sourcecodepro/v11/HI_XiYsKILxRpg3hIP6sJ7fM7Pqths7Ds-cq.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13908, version 1.0\012- data
Size
14 kB (13908 bytes)
Hash
f85c431d467f00f1f44b1a2dc3792852
f402471d888c79c44cf8b7c689617fac1b6c377b
3e4f914ee59dde6b7fc2f652de38e98a96e0c2afb7fda0c87a936a890c03b4ce

HTTP Headers

GET /s/sourcecodepro/v11/HI_XiYsKILxRpg3hIP6sJ7fM7Pqths7Ds-cq.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kadyhair.com
Connection: keep-alive
Referer: https://kadyhair.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13908
date: Tue, 29 Nov 2022 06:56:27 GMT
expires: Wed, 29 Nov 2023 06:56:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Aug 2019 20:45:34 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/login_page.min.css

162.251.85.204

200 OK

0 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/login_page.min.css
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/login_page.min.css HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Tue, 29 Nov 2022 06:56:24 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/common.min.js

162.251.85.204

200 OK

0 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/common.min.js
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/common.min.js HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Tue, 29 Nov 2022 06:56:25 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit_custom.min.js

162.251.85.204

200 OK

0 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit_custom.min.js
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit_custom.min.js HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Tue, 29 Nov 2022 06:56:25 GMT
server: Apache
X-Firefox-Spdy: h2

reurl.cc/javascripts/pixel.js

35.185.130.121

200 OK

0 B

URL HTTP/2
reurl.cc/javascripts/pixel.js
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /javascripts/pixel.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/OEGZ8D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 06:56:21 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
etag: W/"63356adf-1ad"
expires: Wed, 29 Nov 2023 06:56:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit.almost-flat.min.css

162.251.85.204

200 OK

0 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit.almost-flat.min.css
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit.almost-flat.min.css HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Tue, 29 Nov 2022 06:56:24 GMT
server: Apache
X-Firefox-Spdy: h2

kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit.almost-flat.min(1).css

162.251.85.204

200 OK

0 B

URL HTTP/2
kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit.almost-flat.min(1).css
IP
162.251.85.204:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mypackageschedule/fedextracks/confirmactions/fedexworkup/fedex/uikit.almost-flat.min(1).css HTTP/1.1
Host: kadyhair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup/details.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Jan 2022 06:15:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Tue, 29 Nov 2022 06:56:24 GMT
server: Apache
X-Firefox-Spdy: h2

reurl.cc/javascripts/ga.js

35.185.130.121

200 OK

0 B

URL HTTP/2
reurl.cc/javascripts/ga.js
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /javascripts/ga.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/OEGZ8D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 06:56:21 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
etag: W/"63356adf-170"
expires: Wed, 29 Nov 2023 06:56:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

reurl.cc/javascripts/redirect.js

35.185.130.121

200 OK

0 B

URL HTTP/2
reurl.cc/javascripts/redirect.js
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /javascripts/redirect.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/OEGZ8D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 06:56:21 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
etag: W/"63356adf-70"
expires: Wed, 29 Nov 2023 06:56:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

reurl.cc/OEGZ8D

35.185.130.121

200 OK

0 B

URL HTTP/2
reurl.cc/OEGZ8D
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /OEGZ8D HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 29 Nov 2022 06:56:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
target: https://kadyhair.com/mypackageschedule/fedextracks/confirmactions/fedexworkup
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations