Report - suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php

Report Overview

Submitted URL
suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
IP
103.110.86.82
ASN
#63760 AZDIGI Corporation
Submitted
2023-06-04 22:53:23
Access
public
Website Title
Final URL
Tags
fedex logistics phishing
urlquery detections
Phishing - FedEx

Detections

urlquery
12
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
suckhoe.phongkhamthaiha.vn	unknown	unknown	2022-05-08	2023-06-04	7.8 kB	47 kB	103.110.86.82
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-06-04	906 B	424 kB	104.17.24.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-06-04	919 B	51 kB	151.101.65.229
code.jquery.com	634	2005-12-10	2012-05-21	2023-06-04	422 B	31 kB	69.16.175.10
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-06-04	358 B	1.9 kB	104.18.21.226
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-04	2.0 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-04	2.8 kB	246 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-04	483 B	15 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-06-04	medium	suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js	8.3 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:41 Last Seen2024-04-26 14:52:09 Times Seen12622 Hash cc290e6c3aeecf5021dd82ad8df2512a fb983aecd3940e8ebbfe5e74c8099cee9223c957 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995 Loading...

	suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/js/js.js	496 B	2023-03-08	2024-04-25
Pretty URL suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/js/js.js IP 103.110.86.82 ASN #63760 AZDIGI Corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:46:00 Last Seen2024-04-25 23:15:45 Times Seen261 Hash 19b21a2bc54e98f8ddd9251812a5940f e358391328bf826c640d35f4a4c15879346c3c30 f6ecae9999b4d4c78226a09e14df1c6ec8bcdf3473377d4e49327e6c9b6b957c Loading...

	suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php	897 B	2023-03-13	2024-02-27
Pretty URL suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php IP 103.110.86.82 ASN #63760 AZDIGI Corporation Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 19:18:48 Last Seen2024-02-27 11:07:40 Times Seen21 Hash 99795082efbff69b09e4a9c1433a03b4 7635933463f5241877bbe19354fc51211cc11063 62d673c117a531de11ae412a4fb3308a1c8d334ecf84fc8cf13c2fcf924c5abc Loading...

	code.jquery.com/jquery-3.6.1.min.js	90 kB	2023-03-07	2024-04-27
Pretty URL code.jquery.com/jquery-3.6.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:27 Last Seen2024-04-27 01:27:37 Times Seen23063 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js	79 kB	2023-03-07	2024-04-27
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:37 Last Seen2024-04-27 00:50:13 Times Seen26432 Hash 0aa8d64e726c4a57adb5c88f9115996b 901169527507ff9e662cf64d8e361f359308970d 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe Loading...

	cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js	1.5 MB	2023-03-09	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 05:04:22 Last Seen2024-04-25 23:15:45 Times Seen9566 Hash d5beb8fa265f90be5ccadd6b32b8672f 7bdc23c06b51e7e42c05de486680a3c18aa5ce5a 6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e Loading...

HTTP Transactions (32)

URL IP Response Size

suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php

103.110.86.82

200 OK

2.6 kB

URL User Request GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.6 kB (2645 bytes)
Hash
e56c7e97574eefda05aefc9805c3ee48
fa5e3722ef342e318a9c01bc8036fcdcde1701ae
1ea094fc9a77e7a4fb40f6b1622e0add4168a039685b8fa1e30986bbd66e33c9

Detections

Analyzer	Verdict	Alert
openphish	FedEx Corporation

HTTP Headers

GET /FedEx/tracking/fV5EjH/details.php HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: text/html; charset=UTF-8
content-length: 2645
x-powered-by: PHP/7.2.34
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js

104.17.24.14

200 OK

3.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (542)
Size
3.1 kB (3074 bytes)
Hash
cc290e6c3aeecf5021dd82ad8df2512a
fb983aecd3940e8ebbfe5e74c8099cee9223c957
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

HTTP Headers

GET /ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 3074
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-2087"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1622741
expires: Fri, 24 May 2024 22:53:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtZVfFO%2FCmgg3dw%2BcwFcJ5zmwsdH%2F%2FiNE5SCb6mZ7l0mALMo3QcZ6VRxig%2BOQ6hD2yrTS%2FjwG3KmUtqJ4GyuXhvF%2BzmfC0DcEgzEE%2FdoO%2BBjCFHqYVEFZZ6I4vsSpmLbeommjAqP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d23bffe2b0bb51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js

104.17.24.14

200 OK

418 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65317)
Size
418 kB (418541 bytes)
Hash
d5beb8fa265f90be5ccadd6b32b8672f
7bdc23c06b51e7e42c05de486680a3c18aa5ce5a
6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 418541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-662ed"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 882041
expires: Fri, 24 May 2024 22:53:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EX4SZ3XqaSRstRrWDzN4BiofKzV18tD7fNhUvGFKMmJkc3kvRbY5tivehF66JzzO88InGQGjGqAp3kY2hgwxXbtVk1Obk%2BkWJ07FRM9wznlV6If8Ep6fvQJSrEG6BswAoGBZ7GKK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d23bffe2b07b51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

151.101.65.229

200 OK

25 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
25 kB (25360 bytes)
Hash
abe91756d18b7cd60871a2f47c1e8192
7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
accept-ranges: bytes
date: Sun, 04 Jun 2023 22:53:05 GMT
age: 7034002
x-served-by: cache-fra-eddf8230097-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

151.101.65.229

200 OK

24 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (65299)
Size
24 kB (23943 bytes)
Hash
0aa8d64e726c4a57adb5c88f9115996b
901169527507ff9e662cf64d8e361f359308970d
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: br
accept-ranges: bytes
date: Sun, 04 Jun 2023 22:53:05 GMT
age: 1068380
x-served-by: cache-fra-eddf8230080-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.1.min.js

69.16.175.10

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.1.min.js
IP
69.16.175.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (30957 bytes)
Hash
00727d1d5d9c90f7de826f1a4a9cc632
ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

HTTP Headers

GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Jun 2023 22:53:05 GMT
content-encoding: gzip
content-length: 30957
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-15e40"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1685919185.dop205.sk1.t,1685919185.cds259.sk1.hn,1685919185.cds206.sk1.c
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

1.5 kB

URL
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
2914a213a23842cb1683e32f144425bf
83fc6c858f1216b1142a36f692f7119324fac8fa
5d41246849e9691bdbf8809865c50b0a96ff87fdc72d6252d1482cc4f12f089d

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Jun 2023 22:53:05 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "83AE4466FC5B4ABEF4B72C64B243E1FEBCA7105E"
Expires: Mon, 05 Jun 2023 09:00:00 GMT
Last-Modified: Sun, 04 Jun 2023 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2386
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d23bfff29e8b511-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d11f1919fef5d8fccf8a87cf62ec7d61
b862276403c5375ce0cf2707ff0141d0f765fafa
7002839ec0a73f7a79f9f8720287932bd850a6a1b741ad91808e402ecb1c0d48

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 22:53:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f6e0fad54cb828605d258b3a3fc3494d
1998f119ae42787f25cac22435e05b7d8a7ecbcc
fdde19b20684979988b4db7567fdb883ef8cd0438f4c4ef053bdd058011f1dbc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 22:53:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/logo.png

103.110.86.82

200 OK

18 kB

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/logo.png
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
PNG image data, 176 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17964 bytes)
Hash
f9f3a4bf508eec8270bf7c8fe4397384
8b47c45b41e159b9dc2d6fe563b1197bd2a3ec16
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /FedEx/tracking/media/imgs/logo.png HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: image/png
content-length: 17964
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
etag: "647ab204-462c"
accept-ranges: bytes
X-Firefox-Spdy: h2

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/header-icon1.png

103.110.86.82

200 OK

1.5 kB

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/header-icon1.png
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
PNG image data, 90 x 30, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 kB (1509 bytes)
Hash
3436b2db6c85e43ea6ea64b16f7ea65d
6713ee3c84ebb78d252c12586199116359397825
b15bab32569969289dafeba6f869b8dbc36462e013245762e398859204c946e9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /FedEx/tracking/media/imgs/header-icon1.png HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: image/png
content-length: 1509
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
etag: "647ab204-5e5"
accept-ranges: bytes
X-Firefox-Spdy: h2

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/arrow.png

103.110.86.82

200 OK

273 B

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/arrow.png
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
PNG image data, 14 x 8, 8-bit/color RGB, non-interlaced\012- data
Size
273 B (273 bytes)
Hash
c47dc7dbea172ef9f7d434411988757a
0c05ead64301cef18efa923c381be1d17a4d7a6b
5d40469bec954c9105462c4f8f808c26cb1d2d0462e78326d87a863a4bebcecd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /FedEx/tracking/media/imgs/arrow.png HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: image/png
content-length: 273
x-accel-version: 0.01
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
etag: "111-5fd312ece1d12"
accept-ranges: bytes
X-Firefox-Spdy: h2

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/header-icon2.png

103.110.86.82

200 OK

1.6 kB

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/header-icon2.png
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
PNG image data, 145 x 30, 8-bit/color RGB, non-interlaced\012- data
Size
1.6 kB (1585 bytes)
Hash
7a732a93510a1f0fdd956277a9e0702d
463234a0214ee950639123acce7e233fe5c6cde4
de3d55a9455a060fdc78a53b9d2726811aea908dc948f7abb9398b7c54cc6e8a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /FedEx/tracking/media/imgs/header-icon2.png HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: image/png
content-length: 1585
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
etag: "647ab204-631"
accept-ranges: bytes
X-Firefox-Spdy: h2

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/header-icon3.png

103.110.86.82

200 OK

1.1 kB

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/header-icon3.png
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
PNG image data, 85 x 30, 8-bit/color RGB, non-interlaced\012- data
Size
1.1 kB (1101 bytes)
Hash
8edda5f012bef8bc49afdb89cc60fbe1
4343c179508222d02be6868f4bdc89a6bd00a6df
eff30400f0ba5f66b1295396f200ae94cac23bbcf9960dce5b67c3d699c73c31

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /FedEx/tracking/media/imgs/header-icon3.png HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: image/png
content-length: 1101
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
etag: "647ab204-44d"
accept-ranges: bytes
X-Firefox-Spdy: h2

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/dots.png

103.110.86.82

200 OK

262 B

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/dots.png
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
PNG image data, 6 x 20, 8-bit/color RGB, non-interlaced\012- data
Size
262 B (262 bytes)
Hash
ce40d9cf16ff0cd7b97abfea2262d01c
021f63f0141a434694ab095fd463a1a06f8f1bda
8748e92ec190b17bed52570d5c87ceee3a44111d16cbd66589d40fddd1b05cb0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /FedEx/tracking/media/imgs/dots.png HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: image/png
content-length: 262
x-accel-version: 0.01
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
etag: "106-5fd312ece20fa"
accept-ranges: bytes
X-Firefox-Spdy: h2

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/icon1.png

103.110.86.82

200 OK

675 B

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/icon1.png
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
675 B (675 bytes)
Hash
52503e7b34576b51efe259265d46fcf2
84955a0a3851d194dae9a35942cf735f1ab789f0
22aaf60f91fb5f783db0afc52aca0fbb6c0ed42afef3949c6885d75242146e60

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /FedEx/tracking/media/imgs/icon1.png HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: image/png
content-length: 675
x-accel-version: 0.01
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
etag: "2a3-5fd312ece24e2"
accept-ranges: bytes
X-Firefox-Spdy: h2

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/icon3.png

103.110.86.82

200 OK

616 B

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/icon3.png
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGB, non-interlaced\012- data
Size
616 B (616 bytes)
Hash
9629ded10baaa38c2f16249d31534c17
81c6238bd75d0b51372d645c6e7e524c93602d7f
7ebc82abf1efe7ae7aac40c8f4f493bf7eada63384f66073ed1024069233b7ae

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /FedEx/tracking/media/imgs/icon3.png HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: image/png
content-length: 616
x-accel-version: 0.01
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
etag: "268-5fd312ece1d12"
accept-ranges: bytes
X-Firefox-Spdy: h2

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/js/js.js

103.110.86.82

200 OK

199 B

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/js/js.js
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
ASCII text, with CRLF line terminators
Size
199 B (199 bytes)
Hash
19b21a2bc54e98f8ddd9251812a5940f
e358391328bf826c640d35f4a4c15879346c3c30
f6ecae9999b4d4c78226a09e14df1c6ec8bcdf3473377d4e49327e6c9b6b957c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /FedEx/tracking/media/js/js.js HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: application/javascript
content-length: 199
x-accel-version: 0.01
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
etag: "1f0-5fd312ece0d72-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/social.png

103.110.86.82

200 OK

1.6 kB

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/social.png
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
PNG image data, 150 x 30, 8-bit/color RGB, non-interlaced\012- data
Size
1.6 kB (1638 bytes)
Hash
13759fb2c6cbee7dd5cb0e75a1c4f9f8
e510b10fede08b92a4cd47a63fdb9460fd7fed08
08e0af481673473e20d15a3e7d688a006670412bd28ae67105af1bd9e5f09256

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /FedEx/tracking/media/imgs/social.png HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: image/png
content-length: 1638
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
etag: "647ab204-666"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c8c4fd34484b10881179e1a092434fd9
b37e3b04da5ba68bf533fcff188ac29b8eb27b3e
e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 22:53:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/css/style.css

103.110.86.82

200 OK

2.4 kB

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/css/style.css
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
2.4 kB (2368 bytes)
Hash
d87fbfa24649dffd205e5b97786a0361
f4d82966a6cbb9727c38f1eb4f86594efaae8862
fc64e25cc69e76cfebc7d5351f3678931e3ef41f081339866b4b548ad1b8b547

HTTP Headers

GET /FedEx/tracking/media/css/style.css HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: text/css
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
vary: Accept-Encoding
etag: W/"647ab204-1cbb"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://suckhoe.phongkhamthaiha.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 299011
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/css/helpers.css

103.110.86.82

200 OK

7.4 kB

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/css/helpers.css
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
7.4 kB (7383 bytes)
Hash
7ed0e9ac68ea7d1b744c467034aba9d3
181a448a730cbf4313ea163f27f3d81be0c24a18
1c66af34b1720dca74e8c40f17f97a1342837052366fc1fafc1f9064b48fb88b

HTTP Headers

GET /FedEx/tracking/media/css/helpers.css HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:05 GMT
content-type: text/css
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
vary: Accept-Encoding
etag: W/"647ab204-a3ab"
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c8c4fd34484b10881179e1a092434fd9
b37e3b04da5ba68bf533fcff188ac29b8eb27b3e
e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 22:53:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c8c4fd34484b10881179e1a092434fd9
b37e3b04da5ba68bf533fcff188ac29b8eb27b3e
e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 22:53:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://suckhoe.phongkhamthaiha.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 299011
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://suckhoe.phongkhamthaiha.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 299011
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://suckhoe.phongkhamthaiha.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 299011
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://suckhoe.phongkhamthaiha.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 299011
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c8c4fd34484b10881179e1a092434fd9
b37e3b04da5ba68bf533fcff188ac29b8eb27b3e
e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 22:53:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/ff.ico

103.110.86.82

200 OK

5.4 kB

URL GET HTTP/2
suckhoe.phongkhamthaiha.vn/FedEx/tracking/media/imgs/ff.ico
IP
103.110.86.82:443
ASN
#63760 AZDIGI Corporation

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerLet's Encrypt
Subjectphongkhamthaiha.vn
FingerprintEF:57:3F:A0:6D:4B:BE:24:24:6C:59:2F:13:18:09:CE:D2:E0:DA:C6
ValidityMon, 08 May 2023 16:17:27 GMT - Sun, 06 Aug 2023 16:17:26 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
5.4 kB (5430 bytes)
Hash
a53129769d15f251d4e5c5cb966765b4
043d6a7b9cca5d05aba04fc0a3f4527e3ad075e0
eab1b9a0ef942d84e3a8ed8c3e3996acb7a46af9a0b9f914ced662bcbe0e54be

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - FedEx

HTTP Headers

GET /FedEx/tracking/media/imgs/ff.ico HTTP/1.1
Host: suckhoe.phongkhamthaiha.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Cookie: PHPSESSID=kcp2do0skpbiasrd2ahtp5933i
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Jun 2023 22:53:06 GMT
content-type: image/x-icon
content-length: 5430
last-modified: Sat, 03 Jun 2023 03:22:44 GMT
etag: "647ab204-1536"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap

142.250.74.74

200 OK

15 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://suckhoe.phongkhamthaiha.vn/FedEx/tracking/fV5EjH/details.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text
Size
15 kB (14640 bytes)
Hash
ff0a908529ae67f23da561da788a1bc5
f07a4d3ec7386f84d6113d40993135010f5a0f2b
fe6e18046d7fe7934ced88a0053ac48fcdb4ac41ec3fb939eaf2300c46f35312

HTTP Headers

GET /css2?family=Open+Sans:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://suckhoe.phongkhamthaiha.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Jun 2023 22:53:05 GMT
date: Sun, 04 Jun 2023 22:53:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (32)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP