Report - fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098

Report Overview

Submitted URL
fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
IP
43.250.142.118
ASN
#45638 SYNERGY WHOLESALE PTY LTD
Submitted
2022-11-23 04:55:02
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - FedEx

Detections

urlquery
12
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	853 B	47 kB	151.101.85.229
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.41.201.177
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	62 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.7 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.35
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	458 B	69.16.175.10
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
fedex.delivery-tracking.aiip.org.au	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	41 kB	43.250.142.118
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	522 B	46 kB	216.58.207.195
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	840 B	424 kB	104.17.24.14
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	448 B	2.0 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-23	medium	fedex.delivery-tracking.aiip.org.au/774/504574/media/js/js.js	Phishing
2022-11-23	medium	fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/ff.ico	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098	894 B	2023-03-11	2024-01-24
Pretty URL fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098 IP 43.250.142.118 ASN #45638 SYNERGY WHOLESALE PTY LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:06:19 Last Seen2024-01-24 02:28:09 Times Seen23 Hash 354b63fdaa74e1f3ae3f1dc7bb0287c5 24fd7869db47f14ab569346ae616a529f770926b 04710552665e95ccbc42fe213f4df69dc4a931bd3859cfa8a9340f9d6907b59e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js	8.3 kB	2023-03-07	2024-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:41 Last Seen2024-05-09 01:55:27 Times Seen12989 Hash cc290e6c3aeecf5021dd82ad8df2512a fb983aecd3940e8ebbfe5e74c8099cee9223c957 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995 Loading...

	unknown	0 B	2023-03-07	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-09 04:20:27 Times Seen37456843 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	code.jquery.com/jquery-3.6.1.min.js	90 kB	2023-03-07	2024-05-09
Pretty URL code.jquery.com/jquery-3.6.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:27 Last Seen2024-05-09 01:55:27 Times Seen23523 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js	79 kB	2023-03-07	2024-05-09
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:37 Last Seen2024-05-09 01:55:27 Times Seen26910 Hash 0aa8d64e726c4a57adb5c88f9115996b 901169527507ff9e662cf64d8e361f359308970d 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe Loading...

	fedex.delivery-tracking.aiip.org.au/774/504574/media/js/js.js	496 B	2023-03-08	2024-04-25
Pretty URL fedex.delivery-tracking.aiip.org.au/774/504574/media/js/js.js IP 43.250.142.118 ASN #45638 SYNERGY WHOLESALE PTY LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:46:00 Last Seen2024-04-25 23:15:45 Times Seen261 Hash 19b21a2bc54e98f8ddd9251812a5940f e358391328bf826c640d35f4a4c15879346c3c30 f6ecae9999b4d4c78226a09e14df1c6ec8bcdf3473377d4e49327e6c9b6b957c Loading...

HTTP Transactions (45)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8853
Expires: Wed, 23 Nov 2022 07:22:24 GMT
Date: Wed, 23 Nov 2022 04:54:51 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4549
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:54:52 GMT
Last-Modified: Wed, 23 Nov 2022 03:39:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 04:09:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2730
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13956
Expires: Wed, 23 Nov 2022 08:47:28 GMT
Date: Wed, 23 Nov 2022 04:54:52 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: PutiEsiGWdtr/d963Zyrdrj2nMRJfnnHLq0t5WSWwlFZ59AiskJRM6/dmQlSzURDWkD22OBx3cg=
x-amz-request-id: DCRW3ZX12G8KZESK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 04:39:51 GMT
age: 901
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:54:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098

43.250.142.118

200 OK

3.0 kB

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
3.0 kB (3015 bytes)
Hash
2d4427d1a346c986924370f900bc5ee9
dd1dd8e035307c2f4f03c4aa9620583488f9056b
9955343cfd895e0efdf2ac7bbda543bd49b8d19ac4c4195015f43891cd07744f

HTTP Headers

GET /774/504574/step2.php?id=85213098 HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 3015
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 23 Nov 2022 04:54:52 GMT
server: LiteSpeed

cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js

104.17.24.14

200 OK

3.1 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (542)
Size
3.1 kB (3074 bytes)
Hash
ee1e78d5182d11f90d34f2532969c0f3
4e9d3089411d77cdabf69783231bb908ecef3e41
55f0153bce54388d93dcd8d6f9ec372ab15a325395dbbed110e0dd2782424473

HTTP Headers

GET /ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:54:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 3074
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-2087"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2425578
expires: Mon, 13 Nov 2023 04:54:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wwEOX8%2BpoKChhm2hCjMPOiADBUNKy2yWQnaF8nyDeCifp4iIXg7X3S8yzD7onABf3g1Z2xistsYcS3jsxotmdfVv%2ByNbrE%2BP7wsnP7CDItkTyhi0Bx58W%2BkfIPj5h2nTl3KE%2FUG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76e74f321d7d1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js

104.17.24.14

200 OK

418 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65317)
Size
418 kB (418541 bytes)
Hash
5fad3dc691d4266f895b8b46ed385af4
9fc1dccee15765db364ede21487b5c99cbc09c4a
cc1198acf1e1790692faa3db9f0997a6f7e1e4589c41873a0725726640a0deba

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:54:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 418541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-662ed"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 24469
expires: Mon, 13 Nov 2023 04:54:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ftbepu0pWDPIP9OYPM1zwktwOMgSNs%2B7nCpG2zFUS6UjSNDm8KtFTpBvQW%2F3ghA7TR9WHXwo2zpOqs24v9OIoSscXTN39%2BWjg8M3Lkiy58tIHx9lrWDvltN%2FyNWSwf%2B0mioRuhFk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76e74f320d791c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

151.101.85.229

200 OK

22 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65299)
Size
22 kB (22442 bytes)
Hash
84e585e508257b149cf52b5ba65dafba
141cd4a3560a4dd2b4fdf9e961079c300f494030
1a00d92371bb1b61d8fdce1473af8c69798eaa34ee7941f58babd75c8283d56d

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 23 Nov 2022 04:54:52 GMT
age: 21325648
x-served-by: cache-fra19122-FRA, cache-bma1629-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22442
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

151.101.85.229

200 OK

23 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
23 kB (22977 bytes)
Hash
f1883dfe3d1a16da0d5ad68f7228f99a
37e13f8f11c6c21ad2ea36a108e9006132586635
601ab8c5f5909131ea6a53a997f04c7c6e733127858045caeaa53701978f7e7a

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 23 Nov 2022 04:54:52 GMT
age: 17919255
x-served-by: cache-fra19150-FRA, cache-bma1629-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22977
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
58fc65f4a39e0ff85bb939a50cc31da1
37a2eb30d15299e69d358ee8dffdc97d76ab7b85
43aa8a980af1c80409ec5dcea8d2b754d40b72fdc60d3a936d6f18068b33a541

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:54:52 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "AC7501C0DDF2B4B10F6CC93F93A0540959157072"
Expires: Wed, 23 Nov 2022 16:00:00 GMT
Last-Modified: Wed, 23 Nov 2022 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 561
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e74f32fe020b61-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 2621
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

fedex.delivery-tracking.aiip.org.au/774/504574/media/css/style.css

43.250.142.118

200 OK

1.6 kB

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/css/style.css
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
ASCII text, with very long lines (7353), with CRLF line terminators
Size
1.6 kB (1640 bytes)
Hash
82e2d44c99f1ea765d21283805606bb6
63981b60f3c36c6f8c1c74b5d61718c3ec62c430
0dc37d8d490ac8e6369be936b07640fa4bb6bbd2e09a13f737db6c57a9c53f59

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /774/504574/media/css/style.css HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:52 GMT
content-type: text/css
last-modified: Wed, 12 Oct 2022 09:59:00 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1640
date: Wed, 23 Nov 2022 04:54:52 GMT
server: LiteSpeed

fedex.delivery-tracking.aiip.org.au/774/504574/media/css/helpers.css

43.250.142.118

200 OK

4.8 kB

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/css/helpers.css
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
ASCII text, with very long lines (41897), with CRLF line terminators
Size
4.8 kB (4813 bytes)
Hash
53018f98f88d48b798b5ae48aea6d744
3d408e1e6f7e424614cde3cda83e3989a51f7700
c28cf06c68bc826ae950b55afddde955044cf1125214ec1e7a1e18263d81edc2

HTTP Headers

GET /774/504574/media/css/helpers.css HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:52 GMT
content-type: text/css
last-modified: Thu, 06 Oct 2022 09:31:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4813
date: Wed, 23 Nov 2022 04:54:52 GMT
server: LiteSpeed

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap

142.250.74.10

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1261 bytes)
Hash
5c240c206b508993d9916f3edee2acd7
5bef818a607fdd19048f974c438ef56eaf99a014
e732fea8c570235b40540080b1895f32805e6fc4e30c9dd786ec9d5688b87587

HTTP Headers

GET /css2?family=Open+Sans:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 04:54:52 GMT
date: Wed, 23 Nov 2022 04:54:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6302
Cache-Control: max-age=107825
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:54:52 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:51:57 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fedex.delivery-tracking.aiip.org.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 05:42:51 GMT
expires: Fri, 17 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 515521
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/arrow.png

43.250.142.118

200 OK

273 B

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/arrow.png
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
PNG image data, 14 x 8, 8-bit/color RGB, non-interlaced\012- data
Size
273 B (273 bytes)
Hash
c47dc7dbea172ef9f7d434411988757a
0c05ead64301cef18efa923c381be1d17a4d7a6b
5d40469bec954c9105462c4f8f808c26cb1d2d0462e78326d87a863a4bebcecd

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /774/504574/media/imgs/arrow.png HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:52 GMT
content-type: image/png
last-modified: Tue, 11 Oct 2022 15:57:26 GMT
accept-ranges: bytes
content-length: 273
date: Wed, 23 Nov 2022 04:54:52 GMT
server: LiteSpeed

fedex.delivery-tracking.aiip.org.au/774/504574/media/js/js.js

43.250.142.118

200 OK

199 B

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/js/js.js
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
ASCII text, with CRLF line terminators
Size
199 B (199 bytes)
Hash
9c2312f0b7b0d66919c1f1dc241c7a0a
9751546e8bcc20185bc96f951ded68d1e17b5ab8
9bb7a30dedca68eec23b19170f14ad71d98e098dddc2899d375f2bd9ee4cc534

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx
fortinet	Phishing

HTTP Headers

GET /774/504574/media/js/js.js HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:52 GMT
content-type: application/javascript
last-modified: Tue, 11 Oct 2022 23:22:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 199
date: Wed, 23 Nov 2022 04:54:52 GMT
server: LiteSpeed

fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/header-icon3.png

43.250.142.118

200 OK

1.1 kB

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/header-icon3.png
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
PNG image data, 85 x 30, 8-bit/color RGB, non-interlaced\012- data
Size
1.1 kB (1101 bytes)
Hash
8edda5f012bef8bc49afdb89cc60fbe1
4343c179508222d02be6868f4bdc89a6bd00a6df
eff30400f0ba5f66b1295396f200ae94cac23bbcf9960dce5b67c3d699c73c31

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /774/504574/media/imgs/header-icon3.png HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:52 GMT
content-type: image/png
last-modified: Tue, 11 Oct 2022 15:50:58 GMT
accept-ranges: bytes
content-length: 1101
date: Wed, 23 Nov 2022 04:54:52 GMT
server: LiteSpeed

fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/header-icon1.png

43.250.142.118

200 OK

1.5 kB

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/header-icon1.png
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
PNG image data, 90 x 30, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 kB (1509 bytes)
Hash
3436b2db6c85e43ea6ea64b16f7ea65d
6713ee3c84ebb78d252c12586199116359397825
b15bab32569969289dafeba6f869b8dbc36462e013245762e398859204c946e9

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /774/504574/media/imgs/header-icon1.png HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:52 GMT
content-type: image/png
last-modified: Tue, 11 Oct 2022 15:49:04 GMT
accept-ranges: bytes
content-length: 1509
date: Wed, 23 Nov 2022 04:54:52 GMT
server: LiteSpeed

fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/header-icon2.png

43.250.142.118

200 OK

1.6 kB

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/header-icon2.png
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
PNG image data, 145 x 30, 8-bit/color RGB, non-interlaced\012- data
Size
1.6 kB (1585 bytes)
Hash
7a732a93510a1f0fdd956277a9e0702d
463234a0214ee950639123acce7e233fe5c6cde4
de3d55a9455a060fdc78a53b9d2726811aea908dc948f7abb9398b7c54cc6e8a

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /774/504574/media/imgs/header-icon2.png HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:52 GMT
content-type: image/png
last-modified: Tue, 11 Oct 2022 15:50:12 GMT
accept-ranges: bytes
content-length: 1585
date: Wed, 23 Nov 2022 04:54:52 GMT
server: LiteSpeed

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.41.201.177

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.201.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xINlCTteSdoZsAuj3EwEYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e5Vm/ODNyxniukkxq0/vLnXpjUM=

fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/logo.png

43.250.142.118

200 OK

18 kB

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/logo.png
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
PNG image data, 176 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17964 bytes)
Hash
f9f3a4bf508eec8270bf7c8fe4397384
8b47c45b41e159b9dc2d6fe563b1197bd2a3ec16
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /774/504574/media/imgs/logo.png HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:52 GMT
content-type: image/png
last-modified: Tue, 11 Oct 2022 15:48:18 GMT
accept-ranges: bytes
content-length: 17964
date: Wed, 23 Nov 2022 04:54:52 GMT
server: LiteSpeed

fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/icon1.png

43.250.142.118

200 OK

675 B

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/icon1.png
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
675 B (675 bytes)
Hash
52503e7b34576b51efe259265d46fcf2
84955a0a3851d194dae9a35942cf735f1ab789f0
22aaf60f91fb5f783db0afc52aca0fbb6c0ed42afef3949c6885d75242146e60

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /774/504574/media/imgs/icon1.png HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:53 GMT
content-type: image/png
last-modified: Tue, 11 Oct 2022 15:51:36 GMT
accept-ranges: bytes
content-length: 675
date: Wed, 23 Nov 2022 04:54:53 GMT
server: LiteSpeed

fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/icon3.png

43.250.142.118

200 OK

616 B

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/icon3.png
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
PNG image data, 24 x 24, 8-bit/color RGB, non-interlaced\012- data
Size
616 B (616 bytes)
Hash
9629ded10baaa38c2f16249d31534c17
81c6238bd75d0b51372d645c6e7e524c93602d7f
7ebc82abf1efe7ae7aac40c8f4f493bf7eada63384f66073ed1024069233b7ae

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /774/504574/media/imgs/icon3.png HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:53 GMT
content-type: image/png
last-modified: Tue, 11 Oct 2022 15:52:34 GMT
accept-ranges: bytes
content-length: 616
date: Wed, 23 Nov 2022 04:54:53 GMT
server: LiteSpeed

fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/social.png

43.250.142.118

200 OK

1.6 kB

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/social.png
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
PNG image data, 150 x 30, 8-bit/color RGB, non-interlaced\012- data
Size
1.6 kB (1638 bytes)
Hash
13759fb2c6cbee7dd5cb0e75a1c4f9f8
e510b10fede08b92a4cd47a63fdb9460fd7fed08
08e0af481673473e20d15a3e7d688a006670412bd28ae67105af1bd9e5f09256

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /774/504574/media/imgs/social.png HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:53 GMT
content-type: image/png
last-modified: Tue, 11 Oct 2022 15:53:22 GMT
accept-ranges: bytes
content-length: 1638
date: Wed, 23 Nov 2022 04:54:53 GMT
server: LiteSpeed

fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/dots.png

43.250.142.118

200 OK

262 B

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/dots.png
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
PNG image data, 6 x 20, 8-bit/color RGB, non-interlaced\012- data
Size
262 B (262 bytes)
Hash
ce40d9cf16ff0cd7b97abfea2262d01c
021f63f0141a434694ab095fd463a1a06f8f1bda
8748e92ec190b17bed52570d5c87ceee3a44111d16cbd66589d40fddd1b05cb0

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - FedEx

HTTP Headers

GET /774/504574/media/imgs/dots.png HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:53 GMT
content-type: image/png
last-modified: Tue, 11 Oct 2022 21:51:16 GMT
accept-ranges: bytes
content-length: 262
date: Wed, 23 Nov 2022 04:54:53 GMT
server: LiteSpeed

fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/ff.ico

43.250.142.118

200 OK

818 B

URL HTTP/1.1
fedex.delivery-tracking.aiip.org.au/774/504574/media/imgs/ff.ico
IP
43.250.142.118:0
ASN
#45638 SYNERGY WHOLESALE PTY LTD

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
818 B (818 bytes)
Hash
fc6777a702207118d4fb16bf74a04579
fc2472548713903500b7775af92b59cb4da33b01
f26c82b7db470587c9746b5833f03ecada9cedcb3f35b554b3a3739ed4a57e7d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /774/504574/media/imgs/ff.ico HTTP/1.1
Host: fedex.delivery-tracking.aiip.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/774/504574/step2.php?id=85213098
Cookie: PHPSESSID=792d2804e9e564a23fdb7ab8651635cd

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:54:53 GMT
content-type: image/x-icon
last-modified: Tue, 11 Oct 2022 16:14:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 818
date: Wed, 23 Nov 2022 04:54:53 GMT
server: LiteSpeed

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14036
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:54:54 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12244 bytes)
Hash
1387520c00b2ce57c6e49fd89afbfe83
5404be7e1fff033a5cccc15164d77b7e96a48a81
2f0fe787a2b2da38cf134a08dc4addf281e6f96761df33780b1a74d037573d58

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12244
x-amzn-requestid: 1766972b-e5c3-4922-a2e8-04387da9c9b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_AL_EiaIAMFndw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c4719-27c0032c611a9aef0363e903;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 03:50:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -UJDz7KZ7uZ0DnKsTz7NMCGPOt5EIzBu16wyqAkemIO4N-97hV7sIg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:54:39 GMT
age: 21615
etag: "5404be7e1fff033a5cccc15164d77b7e96a48a81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde883bc-a7d5-4543-99fc-54e30eee2be6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8577 bytes)
Hash
5cecd4d046fad1853298fa268a3c0c71
cc4dae732136f04ab6824e78e834cef8c3174ede
1cbcdbb8756d7fa385c66a8e4f688d26a42b91e2760d13d69898b5845a4daaea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde883bc-a7d5-4543-99fc-54e30eee2be6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8577
x-amzn-requestid: c0a5f9a1-e6f6-480e-a534-3d1b16c79a75
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jHVGFYIAMFyFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787efb-544394f15e8380910447d48a;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:11 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: jUnOXD_n9DpLqeKBY_T-FVh-zWBfZddGKkHQHasqESKrYvXyZxljag==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 08:14:23 GMT
age: 74431
etag: "cc4dae732136f04ab6824e78e834cef8c3174ede"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11249 bytes)
Hash
481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iGM_HV13dzz5eOswbOJfjj14jlFW4jy2YsW7eJumS_TM5TxxG8VMwQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 03:49:13 GMT
age: 3941
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6378ed5-9377-4686-98bd-f799fa2d276b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7627 bytes)
Hash
73d326a472c49597186498283399b596
5f61c5e418f95e10e5b1260aac63a226dc26ab0b
143bef27d23a287bfa99421c33f28a4c8d37ad50d6b75d93ce4a3a167b9b5401

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6378ed5-9377-4686-98bd-f799fa2d276b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7627
x-amzn-requestid: 14fa1fb6-1af2-485d-ae6e-3c05baaf6944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1eJnHTXoAMFryQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6378770a-738012af5c6313191ca29f38;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 06:26:18 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Lj2WKFWupspDwkhlsfhyvf3p2tabXaZNMQGnxQ4qLq5VU1JT1DSi0w==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 d15b6a95f7c8298444f59a99d8027cec.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:54:17 GMT
age: 25237
etag: "5f61c5e418f95e10e5b1260aac63a226dc26ab0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f511ad5-51d1-4115-92e3-f9ab3e54b37d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9748 bytes)
Hash
fa20882d7dc00765a2a196dd6a477c39
5cefba54fd9950f867063642b6791d805b429337
6dcfd316c6f91cf6b4a190ab30d529b093bf773950e6d8e796f0e8e91dd6b7d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f511ad5-51d1-4115-92e3-f9ab3e54b37d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9748
x-amzn-requestid: 0eb0f9e1-b028-4ec3-9025-2cead2debfce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBb_iEqYoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4063-5f709cbf08b34c2700d2ddce;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eUy7rrEHVX-vazNbPIMcnuXyPSW50R3eFOw0WoQEUoNiSmwe2Hjczw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:47:13 GMT
age: 25661
etag: "5cefba54fd9950f867063642b6791d805b429337"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5914 bytes)
Hash
c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 175363fa-bb7a-4c95-8aa4-ebb3f16f3745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1lI3HaqIAMFmTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63788238-1bb736b52bbae37c5e19486f;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 39Lmple6qq9vrKeKJ4lcditVdK5XfRFtv3Cs0_R8B7pVDYPiRAGFtg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:13:08 GMT
age: 24106
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.1.min.js

69.16.175.10

200 OK

0 B

URL HTTP/2
code.jquery.com/jquery-3.6.1.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fedex.delivery-tracking.aiip.org.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:54:52 GMT
content-encoding: gzip
content-length: 30957
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-15e40"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669179292.dop205.sk1.t,1669179292.cds217.sk1.hn,1669179292.cds206.sk1.c
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (45)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2