Report - mail.freetarotreading.online/AAAA/sms.php

Report Overview

Submitted URL
mail.freetarotreading.online/AAAA/sms.php
IP
166.62.28.128
ASN
#26496 AS-26496-GO-DADDY-COM-LLC
Submitted
2024-05-02 22:36:55
Access
public
Website Title
Secure Payment
Final URL
mail.freetarotreading.online/AAAA/sms.php
Tags
fedex logistics phishing suspicious
urlquery detections
Phishing - FedEx
Suspicious - Suspicious Javascript code

Detections

urlquery
21
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-02	510 B	16 kB	142.250.74.106
www.fedex.com	8412	1991-02-26	2012-05-22	2024-04-22	489 B	1.4 kB	104.84.152.56
www.multivu.com	471940	2002-04-18	2012-09-25	2024-02-22	541 B	1.6 MB	104.18.33.207
mail.freetarotreading.online	unknown	unknown	No data	No data	12 kB	339 kB	166.62.28.128
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-02	12 kB	379 kB	142.250.74.99
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-02	437 B	6.4 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	mail.freetarotreading.online/AAAA/fedex/login_page.min.js	3.4 kB	2023-03-07	2024-05-03
Pretty URL mail.freetarotreading.online/AAAA/fedex/login_page.min.js IP 166.62.28.128 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-05-03 00:37:03 Times Seen8 Hash cd4f006d14a8e8b29311a7102348331c 83b357f8bdc3168c36fcfc3466b507f7018b4f3e 89c741e92104a65004dc19744c5c02d4f07a711f9f07a5edcc4c9af69df7ff36 Loading...

	mail.freetarotreading.online/AAAA/fedex/jquery.min.js	88 kB	2023-03-07	2024-05-17
Pretty URL mail.freetarotreading.online/AAAA/fedex/jquery.min.js IP 166.62.28.128 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2024-05-17 08:56:35 Times Seen8611 Hash 2f772fed444d5489079f275bd01e26cc a8927ac2830b2fdd4a729eb0eb7f80923539ceb9 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a Loading...

	mail.freetarotreading.online/AAAA/fedex/moment.min.js	37 kB	2023-03-07	2024-05-03
Pretty URL mail.freetarotreading.online/AAAA/fedex/moment.min.js IP 166.62.28.128 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-05-03 00:37:03 Times Seen8 Hash b188268d8a35ef91287c9ee728c0f9fa 75f39baa97cd760a43ac0895c05c1e157e2e3008 f8e01cc73630038f7f129308fe46b90eace144617dfd033f24dff397ab9a8cfa Loading...

	mail.freetarotreading.online/AAAA/fedex/uikit_custom.min.js	102 kB	2023-03-07	2024-05-03
Pretty URL mail.freetarotreading.online/AAAA/fedex/uikit_custom.min.js IP 166.62.28.128 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-05-03 00:37:03 Times Seen108 Hash c0babb05a13d5ac04d289109005b44a8 8ab1732332dfd905d352902a3bd63e53e026caea efdd9955251770a695d41d2a169ea02848aac2a346f5b3b90d9de7c3e8d36e23 Loading...

	mail.freetarotreading.online/AAAA/fedex/altair_admin_common.min.js	23 kB	2023-03-07	2024-05-08
Pretty URL mail.freetarotreading.online/AAAA/fedex/altair_admin_common.min.js IP 166.62.28.128 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-05-08 18:30:30 Times Seen179 Hash 834d2ecce9a8cc7dba36d273de52b28a a605a1843810a676f6018c8a0072de08b05b7ef5 523eb9b6af99c2488af8dcd1a5cd648902c24b4981195b0d0b9f3cdaa2fd3b7f Loading...

	mail.freetarotreading.online/AAAA/sms.php	0 B	2023-03-07	2024-05-17
Pretty URL mail.freetarotreading.online/AAAA/sms.php IP 166.62.28.128 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-17 13:31:19 Times Seen37741359 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/webfont/1/webfont.js	13 kB	2023-03-07	2024-05-17
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1/webfont.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-05-17 12:58:14 Times Seen23224 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	mail.freetarotreading.online/AAAA/fedex/cc.js	4.7 kB	2023-03-07	2024-05-03
Pretty URL mail.freetarotreading.online/AAAA/fedex/cc.js IP 166.62.28.128 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-05-03 00:37:03 Times Seen6 Hash c5d1cd905ec0213767c05d316b65614f fa1d4542b985638783aa09324223260a142dd8ff 18c45b27dc545199f21f7c0f483615a313171f6bdbdd78aac76d5042b2c7f3a5 Loading...

	mail.freetarotreading.online/AAAA/sms.php	0 B	2023-03-07	2024-05-17
Pretty URL mail.freetarotreading.online/AAAA/sms.php IP 166.62.28.128 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-17 13:31:19 Times Seen37741359 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mail.freetarotreading.online/AAAA/fedex/common.min.js	261 kB	2023-03-07	2024-05-03
Pretty URL mail.freetarotreading.online/AAAA/fedex/common.min.js IP 166.62.28.128 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-05-03 00:37:03 Times Seen11 Hash d72ad4ab7ba9bd8d9ec28905c19c4fa8 20214b911b2ccdcc17f2fbc4ee8f4ab9eb652596 ec51c88eee284caa605c52f6949ee54e072d9de79da2749f06b19aaf07bf1ea7 Loading...

	mail.freetarotreading.online/AAAA/fedex/components_notifications.min.js	1.1 kB	2023-03-07	2024-05-08
Pretty URL mail.freetarotreading.online/AAAA/fedex/components_notifications.min.js IP 166.62.28.128 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:14 Last Seen2024-05-08 18:30:29 Times Seen157 Hash b627c2a2eb3ed44bdaa291d0fc898316 03e1542cffbd078f0a21ad83ad589ce1679009cc d136e8ae0ac9b54bac28578861fac37ad93bd89b14d253e7d9f4a51609858537 Loading...

HTTP Transactions (52)

URL IP Response Size

mail.freetarotreading.online/AAAA/sms.php

166.62.28.128

200 OK

2.5 kB

URL User Request GET HTTP/2
mail.freetarotreading.online/AAAA/sms.php
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1219)
Size
2.5 kB (2509 bytes)
Hash
c84eb0aeea5a27936509538331c9e43e
41710f8758953f50de6dc5a0beec031b596b6601
8d00368e7c76e4e9244bf45dbeaf388e5038aa6bf4b1be46e5fd91bfb00503fa

HTTP Headers

GET /AAAA/sms.php HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-encoding: br
content-length: 2509
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 22:36:29 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/webfont.js

166.62.28.128

404 Not Found

315 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/webfont.js
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/webfont.js HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Thu, 02 May 2024 22:36:29 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/cc.js

166.62.28.128

200 OK

1.5 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/cc.js
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
ASCII text, with very long lines (320), with CRLF line terminators
Size
1.5 kB (1453 bytes)
Hash
c5d1cd905ec0213767c05d316b65614f
fa1d4542b985638783aa09324223260a142dd8ff
18c45b27dc545199f21f7c0f483615a313171f6bdbdd78aac76d5042b2c7f3a5

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code

HTTP Headers

GET /AAAA/fedex/cc.js HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 07 Oct 2021 11:59:44 GMT
etag: "c5c0110-1258-5cdc1ff96ac00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1453
content-type: application/javascript
date: Thu, 02 May 2024 22:36:29 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/css

166.62.28.128

404 Not Found

315 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/css
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/css HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Thu, 02 May 2024 22:36:29 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/css2

166.62.28.128

200 OK

443 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/css2
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
ASCII text
Size
443 B (443 bytes)
Hash
ed804a7bc1b72b0ac809a4acee5e4548
e2b640d7e26aec62bd6d4540c687b966443d2c19
f2821108cc29cdc65f034de1d3912f61ae741a1538c57f6fe608fcba64b29d0e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/css2 HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 06:46:34 GMT
etag: "c5c010e-6d9-5cd9563ef4680-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 443
date: Thu, 02 May 2024 22:36:29 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/css(1)

166.62.28.128

200 OK

924 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/css(1)
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
ASCII text
Size
924 B (924 bytes)
Hash
f24a16efed7b4d060aa639a86bf9aaa0
095befbf49a23e215bf21d27646797470e5a8dc4
59695618c346e1e4a719d56f145686a2273c4248271fe58322b59dcbc5ac7e91

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/css(1) HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 06:46:34 GMT
etag: "c5c010f-3f8b-5cd9563ef4680-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 924
date: Thu, 02 May 2024 22:36:29 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/jquery.min.js

166.62.28.128

200 OK

30 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/jquery.min.js
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators
Size
30 kB (30083 bytes)
Hash
2f772fed444d5489079f275bd01e26cc
a8927ac2830b2fdd4a729eb0eb7f80923539ceb9
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

HTTP Headers

GET /AAAA/fedex/jquery.min.js HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 21 Sep 2021 06:44:14 GMT
etag: "c5c010c-15851-5cc7bb9cfcb80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 30083
content-type: application/javascript
date: Thu, 02 May 2024 22:36:29 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/uikit.almost-flat.min.css

166.62.28.128

200 OK

17 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/uikit.almost-flat.min.css
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
ASCII text, with very long lines (64978)
Size
17 kB (17033 bytes)
Hash
e8c1351d339e0a5355f98d3b81b51293
ac0a8c04c72afe3a026d1aa037dffeb50b4b7d23
1d5aa5a9beed4fd3557dfde68317c4cc5a7e626ba54019a8ffbbca9f67c49211

HTTP Headers

GET /AAAA/fedex/uikit.almost-flat.min.css HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 06:46:34 GMT
etag: "c5c0111-18280-5cd9563ef4680-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 17033
content-type: text/css
date: Thu, 02 May 2024 22:36:29 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/login_page.min.css

166.62.28.128

200 OK

12 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/login_page.min.css
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
ASCII text, with very long lines (65010)
Size
12 kB (12491 bytes)
Hash
9a6295c359dd5e96166a47ab7557a671
9dd070ffd40bedaab659005337e56cd9e2a8b9cf
3ace3fdc98a6bf35804653b1257378e29038ea63ac66c8d4f530181a0da9c3e7

HTTP Headers

GET /AAAA/fedex/login_page.min.css HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 06:46:34 GMT
etag: "c5c006f-13040-5cd9563ef4680-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 12491
content-type: text/css
date: Thu, 02 May 2024 22:36:29 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/uikit.almost-flat.min(1).css

166.62.28.128

200 OK

17 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/uikit.almost-flat.min(1).css
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
ASCII text, with very long lines (65456)
Size
17 kB (16902 bytes)
Hash
bc8df63ca82bdae6b372a9a491d6ae8a
727b34c894b2319a1087348e021b7ea2c508d262
1f72d90f225f76501cd690461e423e43f2a4194075b05af560ef37e1149b0db8

HTTP Headers

GET /AAAA/fedex/uikit.almost-flat.min(1).css HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 06:46:34 GMT
etag: "c5c010d-180d9-5cd9563ef4680-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 16902
content-type: text/css
date: Thu, 02 May 2024 22:36:29 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/Raleway-Medium.ttf

166.62.28.128

200 OK

63 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/Raleway-Medium.ttf
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
TrueType Font data, 16 tables, 1st "GPOS", 17 names, Microsoft, language 0x409, Copyright (c) 2010 - 2013, Matt McInerney (matt@pixelspread.com), Pablo Impallari (impallari@gma
Size
63 kB (63047 bytes)
Hash
bb5ae98e4ce1a64042093dc235c305ed
0c8681407d5de2de363187e7911e790d34d808c1
67544b051079d750900856631013bb2c59da3b92ef45a8eeacb04ffa03ca48a8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/Raleway-Medium.ttf HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 06:46:34 GMT
etag: "c5c0109-2a7cc-5cd9563ef4680-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 63047
content-type: font/ttf
date: Thu, 02 May 2024 22:36:29 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/logo.png

166.62.28.128

200 OK

18 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/logo.png
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
PNG image data, 176 x 50, 8-bit/color RGBA, non-interlaced
Size
18 kB (17964 bytes)
Hash
f9f3a4bf508eec8270bf7c8fe4397384
8b47c45b41e159b9dc2d6fe563b1197bd2a3ec16
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/logo.png HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 06:46:34 GMT
etag: "c5c010b-462c-5cd9563ef4680"
accept-ranges: bytes
content-length: 17964
content-type: image/png
date: Thu, 02 May 2024 22:36:30 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/sms.png

166.62.28.128

200 OK

40 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/sms.png
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced
Size
40 kB (39591 bytes)
Hash
64396a9bd37ef964e03cf5c5c5f20450
52ad5e62cf210f42675ce37942bad414e760254d
9c52608a462771750eb1fb966b448056b4e357c9152c4d48c97ce664b73567b2

HTTP Headers

GET /AAAA/fedex/sms.png HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 06 Oct 2021 02:47:48 GMT
etag: "c5c006c-9aa7-5cda62be13d00"
accept-ranges: bytes
content-length: 39591
content-type: image/png
date: Thu, 02 May 2024 22:36:30 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/webfont.js(1)

166.62.28.128

404 Not Found

315 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/webfont.js(1)
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/webfont.js(1) HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Thu, 02 May 2024 22:36:30 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/css(2)

166.62.28.128

200 OK

824 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/css(2)
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
ASCII text
Size
824 B (824 bytes)
Hash
e70639435b5fee4c363dddaaf20343cc
776cd9749cf21acf4fa70eceef7b311fc7009ba7
5c970e670a1654bc7a5cc49119664f037c1f02551545e7edafca6d01bedbb32c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/css(2) HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 06:46:34 GMT
etag: "c5c0108-365b-5cd9563ef4680-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 824
date: Thu, 02 May 2024 22:36:30 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/components_notifications.min.js

166.62.28.128

200 OK

425 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/components_notifications.min.js
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
JavaScript source, ASCII text, with very long lines (1137), with no line terminators
Size
425 B (425 bytes)
Hash
b627c2a2eb3ed44bdaa291d0fc898316
03e1542cffbd078f0a21ad83ad589ce1679009cc
d136e8ae0ac9b54bac28578861fac37ad93bd89b14d253e7d9f4a51609858537

HTTP Headers

GET /AAAA/fedex/components_notifications.min.js HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 07 Oct 2021 11:59:58 GMT
etag: "c5c010a-471-5cdc2006c4b80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 425
content-type: application/javascript
date: Thu, 02 May 2024 22:36:30 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/login_page.min.js

166.62.28.128

200 OK

1.2 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/login_page.min.js
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
JavaScript source, ASCII text, with very long lines (3435), with no line terminators
Size
1.2 kB (1179 bytes)
Hash
cd4f006d14a8e8b29311a7102348331c
83b357f8bdc3168c36fcfc3466b507f7018b4f3e
89c741e92104a65004dc19744c5c02d4f07a711f9f07a5edcc4c9af69df7ff36

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code

HTTP Headers

GET /AAAA/fedex/login_page.min.js HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 06 Oct 2021 13:17:22 GMT
etag: "c5c0106-d6b-5cdaef762bc80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1179
content-type: application/javascript
date: Thu, 02 May 2024 22:36:30 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/altair_admin_common.min.js

166.62.28.128

200 OK

5.7 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/altair_admin_common.min.js
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
JavaScript source, ASCII text, with very long lines (23095), with no line terminators
Size
5.7 kB (5745 bytes)
Hash
834d2ecce9a8cc7dba36d273de52b28a
a605a1843810a676f6018c8a0072de08b05b7ef5
523eb9b6af99c2488af8dcd1a5cd648902c24b4981195b0d0b9f3cdaa2fd3b7f

HTTP Headers

GET /AAAA/fedex/altair_admin_common.min.js HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 07 Oct 2021 11:59:36 GMT
etag: "c5c0104-5a37-5cdc1ff1c9a00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5745
content-type: application/javascript
date: Thu, 02 May 2024 22:36:30 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/moment.min.js

166.62.28.128

200 OK

13 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/moment.min.js
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
JavaScript source, ASCII text, with very long lines (32005)
Size
13 kB (13203 bytes)
Hash
b188268d8a35ef91287c9ee728c0f9fa
75f39baa97cd760a43ac0895c05c1e157e2e3008
f8e01cc73630038f7f129308fe46b90eace144617dfd033f24dff397ab9a8cfa

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code

HTTP Headers

GET /AAAA/fedex/moment.min.js HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Oct 2021 13:50:12 GMT
etag: "c5c006d-90a5-5cdd7a87d4d00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 13203
content-type: application/javascript
date: Thu, 02 May 2024 22:36:30 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/uikit_custom.min.js

166.62.28.128

200 OK

27 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/uikit_custom.min.js
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
JavaScript source, ASCII text, with very long lines (32010)
Size
27 kB (26680 bytes)
Hash
c0babb05a13d5ac04d289109005b44a8
8ab1732332dfd905d352902a3bd63e53e026caea
efdd9955251770a695d41d2a169ea02848aac2a346f5b3b90d9de7c3e8d36e23

HTTP Headers

GET /AAAA/fedex/uikit_custom.min.js HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 06 Oct 2021 13:10:00 GMT
etag: "c5c0070-18d75-5cdaedd0a5a00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 26680
content-type: application/javascript
date: Thu, 02 May 2024 22:36:30 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/common.min.js

166.62.28.128

200 OK

80 kB

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/common.min.js
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
JavaScript source, ASCII text, with very long lines (32023)
Size
80 kB (79612 bytes)
Hash
d72ad4ab7ba9bd8d9ec28905c19c4fa8
20214b911b2ccdcc17f2fbc4ee8f4ab9eb652596
ec51c88eee284caa605c52f6949ee54e072d9de79da2749f06b19aaf07bf1ea7

HTTP Headers

GET /AAAA/fedex/common.min.js HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 07 Oct 2021 11:59:52 GMT
etag: "c5c0105-3fa5a-5cdc20010be00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 79612
content-type: application/javascript
date: Thu, 02 May 2024 22:36:30 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/webfont.js

166.62.28.128

404 Not Found

315 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/webfont.js
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/webfont.js HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Thu, 02 May 2024 22:36:31 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/css

166.62.28.128

404 Not Found

315 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/css
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/css HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Thu, 02 May 2024 22:36:31 GMT
server: Apache
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/webfont.js

166.62.28.128

404 Not Found

315 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/webfont.js
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/webfont.js HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/sms.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Thu, 02 May 2024 22:36:31 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2

142.250.74.99

200 OK

21 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20584, version 1.0
Size
21 kB (20584 bytes)
Hash
b7308b1e85c5213c9bee19efe3be9813
f4e534653a58693c144d571004f707778f53c6dd
789a571212627c10c632c3d95f8bd02ee0efee27ca3a7e0212de6ef8dca489e7

HTTP Headers

GET /s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:00:47 GMT
expires: Fri, 02 May 2025 02:00:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
content-type: font/woff2
age: 74144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/files/fonts/Delivery_W_Rg.woff

166.62.28.128

404 Not Found

315 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/files/fonts/Delivery_W_Rg.woff
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/files/fonts/Delivery_W_Rg.woff HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/fedex/login_page.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Thu, 02 May 2024 22:36:31 GMT
server: Apache
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

142.250.74.74

200 OK

5.4 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
JavaScript source, ASCII text, with very long lines (2134)
Size
5.4 kB (5437 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

HTTP Headers

GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:37:20 GMT
expires: Fri, 02 May 2025 02:37:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 71951
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mail.freetarotreading.online/AAAA/fedex/files/fonts/Delivery_W_Rg.woff

166.62.28.128

404 Not Found

315 B

URL GET HTTP/2
mail.freetarotreading.online/AAAA/fedex/files/fonts/Delivery_W_Rg.woff
IP
166.62.28.128:443
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerLet's Encrypt
Subjectmail.freetarotreading.online
Fingerprint97:B7:95:B4:AA:C6:5A:4F:59:D2:F6:6E:A8:02:A8:09:DF:57:FF:F4
ValidityThu, 02 May 2024 12:28:13 GMT - Wed, 31 Jul 2024 12:28:12 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /AAAA/fedex/files/fonts/Delivery_W_Rg.woff HTTP/1.1
Host: mail.freetarotreading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/AAAA/fedex/uikit.almost-flat.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Thu, 02 May 2024 22:36:31 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Code+Pro:400,700%7CRoboto:400,300,500,700,400italic&subset=latin,latin

142.250.74.106

200 OK

15 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Code+Pro:400,700%7CRoboto:400,300,500,700,400italic&subset=latin,latin
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
15 kB (15157 bytes)
Hash
56c1e73bb482481e7f39c2ae48ccc387
a49edf603a15e8acf17ea1d8e5b595f4245fc826
301d729eb1ba873c815b5b607e23b4428611eb77c0c8880ee454145c39229059

HTTP Headers

GET /css?family=Source+Code+Pro:400,700%7CRoboto:400,300,500,700,400italic&subset=latin,latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 May 2024 22:36:32 GMT
date: Thu, 02 May 2024 22:36:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcecodepro/v14/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

142.250.74.99

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcecodepro/v14/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13764, version 1.0
Size
14 kB (13764 bytes)
Hash
81a1b0e19b36b631642fb3d0b25e021e
323cd515dde6daaf4d502d4a0509de006a6c603c
4fa06b00a08b094490e4af510172ac96fe28039dfc5aac26c439e2e0232c9cc7

HTTP Headers

GET /s/sourcecodepro/v14/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 12:30:11 GMT
expires: Fri, 02 May 2025 12:30:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Mar 2021 17:50:22 GMT
content-type: font/woff2
age: 36381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

142.250.74.99

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21528, version 1.0
Size
22 kB (21528 bytes)
Hash
6113a25a586aeb6d0d3af5b5b652b973
25619eeae1fe17389310e4d392c427b7711dba44
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f

HTTP Headers

GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Apr 2024 10:46:57 GMT
expires: Wed, 30 Apr 2025 10:46:57 GMT
cache-control: public, max-age=31536000
age: 215375
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

142.250.74.99

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21528, version 1.0
Size
22 kB (21528 bytes)
Hash
6113a25a586aeb6d0d3af5b5b652b973
25619eeae1fe17389310e4d392c427b7711dba44
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f

HTTP Headers

GET /s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Apr 2024 10:46:57 GMT
expires: Wed, 30 Apr 2025 10:46:57 GMT
cache-control: public, max-age=31536000
age: 215375
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcecodepro/v14/HI_XiYsKILxRpg3hIP6sJ7fM7Pqths7Ds-cq.woff2

142.250.74.99

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcecodepro/v14/HI_XiYsKILxRpg3hIP6sJ7fM7Pqths7Ds-cq.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13532, version 1.0
Size
14 kB (13532 bytes)
Hash
7d500008b1357dbcd222f9ac4355ad15
9caa9a0abdf817b014eacba368faddba781895b8
884592ac0547e04a7bb56a143d5f31ea9638a96548f1937deb58d710e0b9ae93

HTTP Headers

GET /s/sourcecodepro/v14/HI_XiYsKILxRpg3hIP6sJ7fM7Pqths7Ds-cq.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 17:23:20 GMT
expires: Fri, 02 May 2025 17:23:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Mar 2021 17:50:27 GMT
content-type: font/woff2
age: 18792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15736, version 1.0
Size
16 kB (15736 bytes)
Hash
479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

HTTP Headers

GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:18:57 GMT
expires: Fri, 02 May 2025 02:18:57 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
content-type: font/woff2
age: 73055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:52:14 GMT
expires: Fri, 02 May 2025 01:52:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 74658
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Size
16 kB (15688 bytes)
Hash
aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

HTTP Headers

GET /s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:05:23 GMT
expires: Fri, 02 May 2025 02:05:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
content-type: font/woff2
age: 73869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15732, version 1.0
Size
16 kB (15732 bytes)
Hash
80fe119e5efa3911b9d61b265f723b3d
34f751a1b1a0c1c0b5264b99f490e689db939657
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

HTTP Headers

GET /s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15732
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:00:08 GMT
expires: Fri, 02 May 2025 02:00:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
content-type: font/woff2
age: 74184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15784, version 1.0
Size
16 kB (15784 bytes)
Hash
ef7c6637c68f269a882e73bcb57a7f6a
65025b0cedc3b795c87ad050443c09081d1a8581
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

HTTP Headers

GET /s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:02:44 GMT
expires: Fri, 02 May 2025 02:02:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
content-type: font/woff2
age: 74028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:05:48 GMT
expires: Fri, 02 May 2025 02:05:48 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 73844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/sourcecodepro/v11/HI_XiYsKILxRpg3hIP6sJ7fM7Pqths7Ds-cq.woff2

142.250.74.99

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcecodepro/v11/HI_XiYsKILxRpg3hIP6sJ7fM7Pqths7Ds-cq.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13908, version 1.0
Size
14 kB (13908 bytes)
Hash
f85c431d467f00f1f44b1a2dc3792852
f402471d888c79c44cf8b7c689617fac1b6c377b
3e4f914ee59dde6b7fc2f652de38e98a96e0c2afb7fda0c87a936a890c03b4ce

HTTP Headers

GET /s/sourcecodepro/v11/HI_XiYsKILxRpg3hIP6sJ7fM7Pqths7Ds-cq.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13908
date: Thu, 02 May 2024 22:36:32 GMT
expires: Fri, 02 May 2025 22:36:32 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Aug 2019 20:45:34 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15872, version 1.0
Size
16 kB (15872 bytes)
Hash
020c97dc8e0463259c2f9df929bb0c69
8f956a31154047d1b6527b63db2ecf0f3a463f24
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

HTTP Headers

GET /s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:49:17 GMT
expires: Fri, 02 May 2025 01:49:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
content-type: font/woff2
age: 74835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
f00e7e4432f7c70d8c97efbe2c50d43b
d836c7d4bc52bcd67626b8960ae030ad315c2507
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

HTTP Headers

GET /s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:15:37 GMT
expires: Fri, 02 May 2025 02:15:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
content-type: font/woff2
age: 73255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:49:11 GMT
expires: Fri, 02 May 2025 01:49:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 74841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15816, version 1.0
Size
16 kB (15816 bytes)
Hash
2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

HTTP Headers

GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:08:49 GMT
expires: Fri, 02 May 2025 02:08:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
content-type: font/woff2
age: 73663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15828, version 1.0
Size
16 kB (15828 bytes)
Hash
bf28241e67511184c14dbd0ef7d39f91
c706e0a4122ab727645b744c21667390e8898a4d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

HTTP Headers

GET /s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:20 GMT
expires: Fri, 02 May 2025 01:56:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
content-type: font/woff2
age: 74412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Apr 2024 10:46:32 GMT
expires: Wed, 30 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 215400
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzI.woff2

142.250.74.99

200 OK

17 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17324, version 1.0
Size
17 kB (17324 bytes)
Hash
51521a2a8da71e50d871ac6fd2187e87
f94000b9ce048908c52269b3705e251a50c6979e
401e6c25801ba2d59795d05a6dd973f95566b41070d3939ba9307d65860ae50e

HTTP Headers

GET /s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:49:33 GMT
expires: Fri, 02 May 2025 01:49:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Jul 2019 01:19:02 GMT
content-type: font/woff2
age: 74819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

142.250.74.99

200 OK

17 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17304, version 1.0
Size
17 kB (17304 bytes)
Hash
0bd48206165307e9ae7b2e20f7ed55ca
af097f3155ad953db0254a2da254a41c09fff18d
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

HTTP Headers

GET /s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:54:01 GMT
expires: Fri, 02 May 2025 01:54:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
content-type: font/woff2
age: 74551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

142.250.74.99

200 OK

17 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17368, version 1.0
Size
17 kB (17368 bytes)
Hash
abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

HTTP Headers

GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:29 GMT
expires: Fri, 02 May 2025 02:01:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 74103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.fedex.com/etc.clientlibs/designs/fedex-common/images/resources/fx-favicon.ico

104.84.152.56

818 B

URL GET
www.fedex.com/etc.clientlibs/designs/fedex-common/images/resources/fx-favicon.ico
IP
104.84.152.56:0
ASN
#20940 Akamai International B.V.

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerSectigo Limited
Subjectwww.fedex.com
Fingerprint58:A6:FF:7E:57:65:24:72:90:F2:4B:A8:71:BC:03:AF:D1:85:E1:11
ValidityTue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
818 B (818 bytes)
Hash
a53129769d15f251d4e5c5cb966765b4
043d6a7b9cca5d05aba04fc0a3f4527e3ad075e0
eab1b9a0ef942d84e3a8ed8c3e3996acb7a46af9a0b9f914ced662bcbe0e54be

HTTP Headers

GET /etc.clientlibs/designs/fedex-common/images/resources/fx-favicon.ico HTTP/1.1
Host: www.fedex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Apache
x-frame-options: SAMEORIGIN
last-modified: Wed, 01 May 2024 21:07:08 GMT
accept-ranges: bytes
content-type: image/x-icon
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-length: 818
cache-control: max-age=45991
expires: Fri, 03 May 2024 11:23:03 GMT
date: Thu, 02 May 2024 22:36:32 GMT
vary: Accept-Encoding
akamai-grn: 0.34985468.1714689392.bee95d6
set-cookie: Rbt=f0; path=/
fdx_bman=7e0810fd5d25146dc75414d6cd0d270d; path=/; domain=.www.fedex.com; Secure
X-Firefox-Spdy: h2

www.multivu.com/players/fr/7719651-fedex-saison-fetes-envois-achemines/image/fedex-hub-europeen-de-roissy-charles-de-gaulle-21-HR.jpg

104.18.33.207

200 OK

1.6 MB

URL GET HTTP/2
www.multivu.com/players/fr/7719651-fedex-saison-fetes-envois-achemines/image/fedex-hub-europeen-de-roissy-charles-de-gaulle-21-HR.jpg
IP
104.18.33.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subjectmultivu.com
Fingerprint3A:7D:C4:16:A6:D2:63:A7:FA:02:30:21:0E:46:2F:D5:73:69:4B:60
ValidityMon, 11 Mar 2024 03:34:33 GMT - Sun, 09 Jun 2024 03:34:32 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=16, height=1310, bps=0, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS-1D, orientation=upper-left, width=2464], baseline, precision 8, 2464x1310, components 3
Size
1.6 MB (1648545 bytes)
Hash
09736dbf5ca354d36159eace63d536aa
e8c5dacf57ac9b55c5bc204c05a3e0637ea2b620
992984e5706a9f3fa56af563b1ea82a948cda731766ee72cfe84f9bcb769250d

HTTP Headers

GET /players/fr/7719651-fedex-saison-fetes-envois-achemines/image/fedex-hub-europeen-de-roissy-charles-de-gaulle-21-HR.jpg HTTP/1.1
Host: www.multivu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 22:36:31 GMT
content-type: image/jpeg
content-length: 1648545
last-modified: Mon, 21 Dec 2015 09:00:04 GMT
etag: "1927a1-52764b70492ff"
accept-ranges: bytes
cache-control: max-age=604800, public, must-revalidate
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=aZmkjFxaWhqd3sQ83_59fSNvCM6ly_D1lHQyobsLy4Y-1714689391-1.0.1.1-sNiRiLezMRvyQiqj70PSJXIYnWFOBugHxiLUiAfDKUXrUbeARD2L1B.gALT18TWVOaT3b1SGvu0Q2FoCQblpQA; path=/; expires=Thu, 02-May-24 23:06:31 GMT; domain=.multivu.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87db7d97aa36569d-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcecodepro/v11/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

142.250.74.99

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcecodepro/v11/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mail.freetarotreading.online/AAAA/sms.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14172, version 1.0
Size
14 kB (14172 bytes)
Hash
982234eca7d717dd9784d15519ece2f8
fcb1fd93f8ead84854734b3b95ce850e93dae700
659ff6b596a7ddb648cd65a5429893be655629c0d36a7703817a63a0870ec020

HTTP Headers

GET /s/sourcecodepro/v11/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.freetarotreading.online
DNT: 1
Connection: keep-alive
Referer: https://mail.freetarotreading.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 03:36:30 GMT
expires: Fri, 02 May 2025 03:36:30 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Aug 2019 20:44:58 GMT
content-type: font/woff2
age: 68402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML