package-inquiry-b9b0a.web.app Open in urlscan Pro
2620:0:890::100  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://tudoperfeito.fun/wp-content/themes/mero-magazine/psg.php Page URL
2. https://package-inquiry-b9b0a.web.app/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	psg.php Show response tudoperfeito.fun/wp-content/themes/mero-magazine/	114 B 217 B	860ms 138ms	Document text/html	216.172.172.67 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://tudoperfeito.fun/wp-content/themes/mero-magazine/psg.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.172.172.67 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS br460-ip03.hostgator.com.br Software Apache / Resource Hash 14135e8436cc87b6d98819afe2d5910d257da33d7a357a98dbb09a998b074500 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers content-encoding gzip content-length 121 content-type text/html; charset=UTF-8 date Tue, 14 Feb 2023 11:29:45 GMT server Apache vary Accept-Encoding
GET H2	200	Primary Request / Show response package-inquiry-b9b0a.web.app/	13 KB 1 KB	184ms 116ms	Document text/html	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://package-inquiry-b9b0a.web.app/ Requested by Host: tudoperfeito.fun URL: https://tudoperfeito.fun/wp-content/themes/mero-magazine/psg.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 57c5ae2cf09a3f031edb59a3bc8eb65fc62d6a3c47f442e5f1efa7c5da107c14 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://tudoperfeito.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 cache-control max-age=3600 content-encoding br content-length 874 content-type text/html; charset=utf-8 date Tue, 14 Feb 2023 11:29:45 GMT etag "87e599847fe015f5308f56e65e76b1f9bd449829797b895676eaec8dacfff77a-br" last-modified Mon, 13 Feb 2023 14:31:58 GMT strict-transport-security max-age=31556926; includeSubDomains; preload vary x-fh-requested-host, accept-encoding x-cache MISS x-cache-hits 0 x-served-by cache-mxp6979-MXP x-timer S1676374185.296844,VS0,VE100
GET H2	200	runtime.8414f7b476ce91b5ac27.js Show response package-inquiry-b9b0a.web.app/	1 KB 728 B	145ms 143ms	Script text/javascript	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://package-inquiry-b9b0a.web.app/runtime.8414f7b476ce91b5ac27.js Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 10d79512b8a210b04ec328e175a1952779f328df9a191dce200e9dd34624056a Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6979-MXP strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br date Tue, 14 Feb 2023 11:29:45 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374185.495633,VS0,VE128 etag "094ff8297d73ed102d16dfa230eb1305a3854bc7f2dd053b6147986ea729ef8d-br" vary x-fh-requested-host, accept-encoding x-cache MISS content-type text/javascript; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 591 x-cache-hits 0
GET H2	200	polyfills.446b97903ad01f95f9bc.js Show response package-inquiry-b9b0a.web.app/	33 KB 11 KB	163ms 163ms	Script text/javascript	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://package-inquiry-b9b0a.web.app/polyfills.446b97903ad01f95f9bc.js Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f9817fafa4c8b0cac7eeaf1ed7df45f146086ae5980a821a50a529b5e1846d64 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6979-MXP strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br date Tue, 14 Feb 2023 11:29:45 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374185.495637,VS0,VE147 etag "caf5dd231115cf9f0dcd31343a3bdbd0a615d60c6ab44be6012ba7f0bfc07707-br" vary x-fh-requested-host, accept-encoding x-cache MISS content-type text/javascript; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 10870 x-cache-hits 0
GET H3	200	main.209e39607602e6b1f30e.js Show response package-inquiry-b9b0a.web.app/	501 KB 127 KB	165ms 164ms	Script text/javascript	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://package-inquiry-b9b0a.web.app/main.209e39607602e6b1f30e.js Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash db950a29abc67587413afa73472fb6e33f829ba710f5a0e175a5ec1b713547b7 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6947-MXP strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br date Tue, 14 Feb 2023 11:29:45 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374186.516245,VS0,VE148 etag "365cbbc9899c3c339b8479c40e212f59335752985e4d4c0f5994db299615ed1d-br" vary x-fh-requested-host, accept-encoding x-cache MISS content-type text/javascript; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 129757 x-cache-hits 0
GET H3	200	styles.eedd0fd42c55e1aba2e7.css package-inquiry-b9b0a.web.app/	20 KB 3 KB	157ms 157ms	Stylesheet text/css	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://package-inquiry-b9b0a.web.app/styles.eedd0fd42c55e1aba2e7.css Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 62e1f2b6096e29c4a2ba64cef18c90601006cada3884d3f9887e0e6a263d83a7 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6947-MXP strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br date Tue, 14 Feb 2023 11:29:45 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374186.516385,VS0,VE132 etag "902926c676c8309f8683d7a24584a7e37a7372d6ea5f946ba6d3b1057a977226-br" vary x-fh-requested-host, accept-encoding x-cache MISS content-type text/css; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 2329 x-cache-hits 0
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	147ms 46ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://package-inquiry-b9b0a.web.app/ Origin https://package-inquiry-b9b0a.web.app accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 08:26:15 GMT x-content-type-options nosniff age 356610 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 10 Feb 2024 08:26:15 GMT
GET H2	200	/ Show response api.ipify.org/	24 B 123 B	494ms 153ms	XHR application/json	173.231.16.76 WEBNX
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/polyfills.446b97903ad01f95f9bc.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.231.16.76 , United States, ASN18450 (WEBNX, US), Reverse DNS 173-231-16-76.static.webnx.com Software / Resource Hash 5a9fa8ec202f6b1a7d4d299db65e2a64638e49c01dd50a40fd309bb6057ba198 Request headers Accept application/json, text/plain, */* Referer https://package-inquiry-b9b0a.web.app/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers access-control-allow-origin https://package-inquiry-b9b0a.web.app date Tue, 14 Feb 2023 11:29:46 GMT content-length 24 vary Origin content-type application/json
GET H3	200	logo.png package-inquiry-b9b0a.web.app/assets/	18 KB 4 KB	262ms 262ms	Image image/png	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://package-inquiry-b9b0a.web.app/assets/logo.png Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6947-MXP strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br date Tue, 14 Feb 2023 11:29:46 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374186.839498,VS0,VE246 etag "36f20ed91cc77acc7d1b58d213df4fdde3278330957511588ba7ea3d7b9b6ac4-br" vary x-fh-requested-host, accept-encoding x-cache MISS content-type image/png cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 4054 x-cache-hits 0
GET H3	200	arrow.png package-inquiry-b9b0a.web.app/assets/	273 B 594 B	247ms 246ms	Image image/png	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://package-inquiry-b9b0a.web.app/assets/arrow.png Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5d40469bec954c9105462c4f8f808c26cb1d2d0462e78326d87a863a4bebcecd Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6947-MXP strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 14 Feb 2023 11:29:46 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374186.840136,VS0,VE231 etag "5487df2b0cd68b9953dfbd114b60f14e9b1a791007ab7e32546b1cd96c6e88ff" vary x-fh-requested-host, accept-encoding x-cache MISS content-type image/png cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 273 x-cache-hits 0
GET H3	200	header-icon1.png package-inquiry-b9b0a.web.app/assets/	1 KB 2 KB	271ms 270ms	Image image/png	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://package-inquiry-b9b0a.web.app/assets/header-icon1.png Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b15bab32569969289dafeba6f869b8dbc36462e013245762e398859204c946e9 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6947-MXP strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 14 Feb 2023 11:29:46 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374186.842930,VS0,VE253 etag "390e311a3b598ada41ee7c7b83bed650e13131852b06d65e93f276a2aa944d49" vary x-fh-requested-host, accept-encoding x-cache MISS content-type image/png cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1509 x-cache-hits 0
GET H3	200	header-icon2.png package-inquiry-b9b0a.web.app/assets/	2 KB 2 KB	286ms 284ms	Image image/png	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://package-inquiry-b9b0a.web.app/assets/header-icon2.png Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash de3d55a9455a060fdc78a53b9d2726811aea908dc948f7abb9398b7c54cc6e8a Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6947-MXP strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 14 Feb 2023 11:29:46 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374186.842905,VS0,VE268 etag "cf360b01f68935d78a6558bf8fa266a6696aa60472ea2ae15a388fbc6136f6aa" vary x-fh-requested-host, accept-encoding x-cache MISS content-type image/png cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1585 x-cache-hits 0
GET H3	200	header-icon3.png package-inquiry-b9b0a.web.app/assets/	1 KB 1 KB	272ms 271ms	Image image/png	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://package-inquiry-b9b0a.web.app/assets/header-icon3.png Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash eff30400f0ba5f66b1295396f200ae94cac23bbcf9960dce5b67c3d699c73c31 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6947-MXP strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 14 Feb 2023 11:29:46 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374186.843563,VS0,VE254 etag "27a5e35b1fbfb0333b833535844569aa6a8431107f09dedf2cf509fae2d95cb1" vary x-fh-requested-host, accept-encoding x-cache MISS content-type image/png cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1101 x-cache-hits 0
GET H3	200	dots.png package-inquiry-b9b0a.web.app/assets/	262 B 581 B	273ms 272ms	Image image/png	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://package-inquiry-b9b0a.web.app/assets/dots.png Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 8748e92ec190b17bed52570d5c87ceee3a44111d16cbd66589d40fddd1b05cb0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6947-MXP strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 14 Feb 2023 11:29:46 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374186.843548,VS0,VE256 etag "c19530bd71b0af9f6b37cfc129b24407c969f1fbe1b210b25590489c2029161e" vary x-fh-requested-host, accept-encoding x-cache MISS content-type image/png cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 262 x-cache-hits 0
GET H3	200	icon1.png package-inquiry-b9b0a.web.app/assets/	675 B 997 B	232ms 231ms	Image image/png	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://package-inquiry-b9b0a.web.app/assets/icon1.png Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 22aaf60f91fb5f783db0afc52aca0fbb6c0ed42afef3949c6885d75242146e60 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6947-MXP strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 14 Feb 2023 11:29:46 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374186.843520,VS0,VE215 etag "6fafa7848ad4c96f785ed55b844b0ffd9c9da7a7c7ef47f3f8dcb390c6af99de" vary x-fh-requested-host, accept-encoding x-cache MISS content-type image/png cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 675 x-cache-hits 0
GET H3	200	icon3.png package-inquiry-b9b0a.web.app/assets/	616 B 936 B	311ms 310ms	Image image/png	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://package-inquiry-b9b0a.web.app/assets/icon3.png Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7ebc82abf1efe7ae7aac40c8f4f493bf7eada63384f66073ed1024069233b7ae Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6947-MXP strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 14 Feb 2023 11:29:46 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374186.843503,VS0,VE290 etag "273eec17f3dfbc3b0e4e8b15f39a15b1e469d8cc6ec763e65a1d2eae340289cd" vary x-fh-requested-host, accept-encoding x-cache MISS content-type image/png cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 616 x-cache-hits 0
GET H3	200	social.png package-inquiry-b9b0a.web.app/assets/	2 KB 2 KB	260ms 259ms	Image image/png	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://package-inquiry-b9b0a.web.app/assets/social.png Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 08e0af481673473e20d15a3e7d688a006670412bd28ae67105af1bd9e5f09256 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://package-inquiry-b9b0a.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers x-served-by cache-mxp6947-MXP strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 14 Feb 2023 11:29:46 GMT last-modified Mon, 13 Feb 2023 14:31:58 GMT x-timer S1676374186.843459,VS0,VE242 etag "f4b5d49796208613a1c8f27042b2fbf84f54da4fc3572a549f6b4d5bd751a290" vary x-fh-requested-host, accept-encoding x-cache MISS content-type image/png cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1638 x-cache-hits 0
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 fonts.gstatic.com/s/opensans/v34/	26 KB 26 KB	40ms 39ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://package-inquiry-b9b0a.web.app/ Origin https://package-inquiry-b9b0a.web.app accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Wed, 08 Feb 2023 11:59:19 GMT x-content-type-options nosniff age 516626 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26240 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:14:37 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 08 Feb 2024 11:59:19 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2 fonts.gstatic.com/s/opensans/v34/	21 KB 21 KB	39ms 39ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2 Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0c018fe9d09945d93f6f5aa5f1c53a2975621c3043a22344eaf86d6500c245c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://package-inquiry-b9b0a.web.app/ Origin https://package-inquiry-b9b0a.web.app accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Tue, 07 Feb 2023 23:40:27 GMT x-content-type-options nosniff age 560958 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21048 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:13:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 07 Feb 2024 23:40:27 GMT
GET H2	200	/ Show response ipapi.co/192.145.127.213/json/	758 B 907 B	298ms 245ms	XHR application/json	2606:4700:20::ac43:45e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ipapi.co/192.145.127.213/json/ Requested by Host: package-inquiry-b9b0a.web.app URL: https://package-inquiry-b9b0a.web.app/polyfills.446b97903ad01f95f9bc.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e755c0e1eba57899bdbf0279de8326afa6814f3cf0dac9a1f83c1d22fcb492a9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/plain, */* Referer https://package-inquiry-b9b0a.web.app/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Tue, 14 Feb 2023 11:29:46 GMT content-encoding br x-content-type-options nosniff referrer-policy same-origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Host, Origin allow HEAD, OPTIONS, GET, POST, OPTIONS content-type application/json access-control-allow-origin https://package-inquiry-b9b0a.web.app report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjZ84QFaBvD7NbCUO3ImhorZXGbgQ8yeEIOGPnvASyJXE7vSE3Ahj5K15psmzz40uqgCrz%2FkKAGJGcEvJa%2FV9wRaWeJ%2B%2FuLf4s9zFvAU8bHD8IfaI5Z%2FvM4Ez0oCaGLG4uhA81b3"}],"group":"cf-nel","max_age":604800} x-frame-options DENY cf-ray 799577c8cddf5a07-MXP

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fedex (Transportation)

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange object| webpackChunkfedex function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
fonts.gstatic.com
ipapi.co
package-inquiry-b9b0a.web.app
tudoperfeito.fun
173.231.16.76
216.172.172.67
2606:4700:20::ac43:45e2
2620:0:890::100
2a00:1450:400d:80a::2003
08e0af481673473e20d15a3e7d688a006670412bd28ae67105af1bd9e5f09256
0c018fe9d09945d93f6f5aa5f1c53a2975621c3043a22344eaf86d6500c245c6
10d79512b8a210b04ec328e175a1952779f328df9a191dce200e9dd34624056a
14135e8436cc87b6d98819afe2d5910d257da33d7a357a98dbb09a998b074500
22aaf60f91fb5f783db0afc52aca0fbb6c0ed42afef3949c6885d75242146e60
57c5ae2cf09a3f031edb59a3bc8eb65fc62d6a3c47f442e5f1efa7c5da107c14
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5a9fa8ec202f6b1a7d4d299db65e2a64638e49c01dd50a40fd309bb6057ba198
5d40469bec954c9105462c4f8f808c26cb1d2d0462e78326d87a863a4bebcecd
62e1f2b6096e29c4a2ba64cef18c90601006cada3884d3f9887e0e6a263d83a7
7ebc82abf1efe7ae7aac40c8f4f493bf7eada63384f66073ed1024069233b7ae
8748e92ec190b17bed52570d5c87ceee3a44111d16cbd66589d40fddd1b05cb0
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
b15bab32569969289dafeba6f869b8dbc36462e013245762e398859204c946e9
db950a29abc67587413afa73472fb6e33f829ba710f5a0e175a5ec1b713547b7
de3d55a9455a060fdc78a53b9d2726811aea908dc948f7abb9398b7c54cc6e8a
e755c0e1eba57899bdbf0279de8326afa6814f3cf0dac9a1f83c1d22fcb492a9
eff30400f0ba5f66b1295396f200ae94cac23bbcf9960dce5b67c3d699c73c31
f9817fafa4c8b0cac7eeaf1ed7df45f146086ae5980a821a50a529b5e1846d64