Submitted URL: https://ayurleap.com/ayurleap
Effective URL: https://ayurleap.com/ayurleap/signin
Submission: On July 11 via manual from US — Scanned from GB

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 24 HTTP transactions. The main IP is 88.208.214.130, located in the United Kingdom and belonging to IONOS-AS (the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom; formerly known as 1&1 Internet SE), DE. The main domain is ayurleap.com.
TLS certificate: Issued by R3 on May 29th 2022. Valid for: 3 months.
This is the only time ayurleap.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fedex (Transportation)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
14 (2 redirects) | 88.208.214.130 | 8560 (IONOS-AS ...)
4 | 2a02:26f0:6c0... | 20940 (AKAMAI-ASN1)
1 | 52.222.214.101 | 16509 (AMAZON-02)
1 | 54.148.74.106 | 16509 (AMAZON-02)
Total: 24 requests, 5 IPs
Requests | Apex Domain | Subdomains | Transfer
14 | ayurleap.com | ayurleap.com | 157 KB
4 | fedex.com | www.fedex.com (Cisco Umbrella Rank: 5988) | 358 KB
1 | eum-appdynamics.com | col.eum-appdynamics.com (Cisco Umbrella Rank: 1629) | 1016 B
1 | appdynamics.com | cdn.appdynamics.com (Cisco Umbrella Rank: 2490) | 20 KB
Total: 24 requests, 4 apex domains
Requests | Domain | Requested by
14 | ayurleap.com (2 redirects) | ayurleap.com
4 | www.fedex.com | ayurleap.com, www.fedex.com
1 | col.eum-appdynamics.com | cdn.appdynamics.com
1 | cdn.appdynamics.com | www.fedex.com
Total: 24 requests, 4 domains
Subject | Issuer | Validity | Valid for
ayurleap.com | R3 | 2022-05-29 - 2022-08-27 | 3 months (crt.sh)
www.fedex.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2021-09-28 - 2022-10-29 | a year (crt.sh)
*.appdynamics.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-21 - 2022-07-22 | a year (crt.sh)
*.eum-appdynamics.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-14 - 2023-07-15 | a year (crt.sh)

This page contains 1 frame:

Primary Page: https://ayurleap.com/ayurleap/signin
Frame ID: 45B3F6B0AAECFD184C0E16495D2AAE2B
Requests: 24 HTTP requests in this frame

Page URL History

  1. https://ayurleap.com/ayurleap HTTP 301
    https://ayurleap.com/ayurleap/ HTTP 302
    https://ayurleap.com/ayurleap/signin Page URL

Detected technologies

  • Overall confidence: 100%. Detected pattern: adrum
  • Overall confidence: 100%. Detected pattern: jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 24
  • HTTPS: 75 %
  • IPv6: 25 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 5
  • Countries: 3
  • Transfer: 537 kB
  • Size: 4059 kB
  • Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.


Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Each entry lists: Resource | Path | Size | x-fer | Type / MIME-Type, followed by its General, Request headers and Response headers sections.
Primary Request signin
ayurleap.com/ayurleap/
Redirect Chain
  • https://ayurleap.com/ayurleap
  • https://ayurleap.com/ayurleap/
  • https://ayurleap.com/ayurleap/signin
766 KB
73 KB
Document
General
Full URL
https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash
4409cffad3b37740df945f0e1d482a33efffb46cad85740e46d4a91ea3e085ce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 12:40:29 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 12:40:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
signin
pragma
no-cache
server
nginx
vary
Accept-Encoding
jquery.js
ayurleap.com/ayurleap/lib/js/
286 KB
79 KB
Script
General
Full URL
https://ayurleap.com/ayurleap/lib/js/jquery.js
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash
692d421d5c163409a5918e802f507abbaa6bec90baa454c5252977a5b3b7ff0d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/ayurleap/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:40:29 GMT
content-encoding
br
last-modified
Mon, 05 Feb 2018 13:55:00 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
jquery.maskedinput.js
ayurleap.com/ayurleap/lib/js/
10 KB
3 KB
Script
General
Full URL
https://ayurleap.com/ayurleap/lib/js/jquery.maskedinput.js
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash
c75ef4ed711014b31fe4cc01e7b96ee7723d2fe8b77c7158f45a885f1a15d4ad

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/ayurleap/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:40:29 GMT
content-encoding
br
last-modified
Sat, 14 Mar 2015 10:25:00 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
jquery.payment.js
ayurleap.com/ayurleap/lib/js/
11 KB
3 KB
Script
General
Full URL
https://ayurleap.com/ayurleap/lib/js/jquery.payment.js
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash
ccbadff5afdc080f00da54378d4942b0587425a4179fb17ceb7df56f260d1cd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/ayurleap/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:40:29 GMT
content-encoding
br
last-modified
Mon, 30 Dec 2013 09:05:20 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
common-es2015.256582805e27d903c788.js
ayurleap.com/ayurleap/
0
0
Script
General
Full URL
https://ayurleap.com/ayurleap/common-es2015.256582805e27d903c788.js
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/ayurleap/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:40:29 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
7-es2015.d20e999acc45011f3531.js
ayurleap.com/ayurleap/
0
0
Script
General
Full URL
https://ayurleap.com/ayurleap/7-es2015.d20e999acc45011f3531.js
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/ayurleap/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:40:29 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
8-es2015.94491bd6ef2c11f603cd.js
ayurleap.com/ayurleap/
0
0
Script
General
Full URL
https://ayurleap.com/ayurleap/8-es2015.94491bd6ef2c11f603cd.js
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/ayurleap/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:40:29 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
runtime-es2015.05f3407a785bf968a9aa.js
ayurleap.com/ayurleap/
0
0
Script
General
Full URL
https://ayurleap.com/ayurleap/runtime-es2015.05f3407a785bf968a9aa.js
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash

Request headers

Referer
https://ayurleap.com/ayurleap/signin
Origin
https://ayurleap.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:40:29 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
polyfills-es2015.8c4f6927b164e7fe278d.js
ayurleap.com/ayurleap/
0
0
Script
General
Full URL
https://ayurleap.com/ayurleap/polyfills-es2015.8c4f6927b164e7fe278d.js
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash

Request headers

Referer
https://ayurleap.com/ayurleap/signin
Origin
https://ayurleap.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:40:29 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
scripts.e6c3138b82d02fb98c8f.js
ayurleap.com/ayurleap/
0
0
Script
General
Full URL
https://ayurleap.com/ayurleap/scripts.e6c3138b82d02fb98c8f.js
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/ayurleap/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:40:30 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
main-es2015.f6578e804214b3373c8e.js
ayurleap.com/ayurleap/
0
0
Script
General
Full URL
https://ayurleap.com/ayurleap/main-es2015.f6578e804214b3373c8e.js
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash

Request headers

Referer
https://ayurleap.com/ayurleap/signin
Origin
https://ayurleap.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:40:29 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
EweHE
ayurleap.com/L1zl/Qd_v/-/s/EWWUruRg/7m7hLmQbrE/WV47agRFFAY/LWFiIF/
0
0
Script
General
Full URL
https://ayurleap.com/L1zl/Qd_v/-/s/EWWUruRg/7m7hLmQbrE/WV47agRFFAY/LWFiIF/EweHE
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.214.130 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tfits.server.shosted.in
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/ayurleap/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:40:29 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
adrum.js
www.fedex.com/profile/assets/adrum/
98 KB
30 KB
Script
General
Full URL
https://www.fedex.com/profile/assets/adrum/adrum.js
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba9b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
13fb8722dbf29a6763542f17eefd6f167d5ccb43b12821f8feaf21154b2e228e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 12:40:29 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 23 May 2022 04:06:39 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
1380e685-93fe-4352-730c-7c8e80fb4183
Cache-Control
max-age=18237
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
30351
Expires
Mon, 11 Jul 2022 17:44:26 GMT
script.js
www.fedex.com/simplifiedhf/js/
2 MB
229 KB
Script
General
Full URL
https://www.fedex.com/simplifiedhf/js/script.js?onSHFInit
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba9b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
d64a6bde03d397f38e892f5e8b27ea230880449309b9c90ba7b389cd722b23c1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 12:40:30 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 29 Jun 2022 21:42:19 GMT
Server
Apache
Vary
Cookie,X-Akamai-Country-Code,Accept-Language,Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86374
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Transfer-Encoding
chunked
Expires
Tue, 12 Jul 2022 12:40:04 GMT
common-core_SHF.css
www.fedex.com/simplifiedhf/css/
853 KB
82 KB
Stylesheet
General
Full URL
https://www.fedex.com/simplifiedhf/css/common-core_SHF.css
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba9b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
d3a22a6f526f951592714e9bd39d46640b11e52d8cc7e18de33dec67474d5383

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 12:40:30 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 29 Jun 2022 21:42:04 GMT
Server
Apache
Vary
Cookie,X-Akamai-Country-Code,Accept-Language,Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86371
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
82690
Expires
Tue, 12 Jul 2022 12:40:01 GMT
logo.png
www.fedex.com/content/dam/fedex-com/logos/
18 KB
18 KB
Image
General
Full URL
https://www.fedex.com/content/dam/fedex-com/logos/logo.png
Requested by
Host: ayurleap.com
URL: https://ayurleap.com/ayurleap/signin
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba9b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4 /
Resource Hash
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 12:40:30 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 09 Jul 2022 16:35:41 GMT
Server
Apache/2.4
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=39223
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17964
Expires
Mon, 11 Jul 2022 23:34:13 GMT
FedExSans_W-Regular.woff
www.fedex.com/profile/assets/fonts/
0
0

FedExSans_W-Light.woff
www.fedex.com/profile/assets/fonts/
0
0

FedExSans_W-Bold.woff
www.fedex.com/profile/assets/fonts/
0
0

FedExSans_W-Regular.woff
www.fedex.com/simplifiedhf/css/assets/fonts/
0
0

FedExSans_W-Light.woff
www.fedex.com/simplifiedhf/css/assets/fonts/
0
0

FedExSans_W-Bold.woff
www.fedex.com/simplifiedhf/css/assets/fonts/
0
0

adrum-ext.7f7b11e2ec93e71bae6b513f9fdfe436.js
cdn.appdynamics.com/
51 KB
20 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.7f7b11e2ec93e71bae6b513f9fdfe436.js
Requested by
Host: www.fedex.com
URL: https://www.fedex.com/profile/assets/adrum/adrum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-101.fra56.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
f56c8d5084300da7fcd052835a2147b5d69d253d137920832e6c9f81e34e16e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ayurleap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 13:54:23 GMT
content-encoding
gzip
age
2241968
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 15 Sep 2020 19:56:05 GMT
server
nginx/1.16.1
etag
W/"5f611c55-cba7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
cache-control
public, max-age=2678400, s-max-age=14400
x-amz-cf-pop
FRA56-P3
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ErwZbLFoFyP-uuOrPMpR9PxWzXl0qKwp8mJJc6ZKuC12MR_ep-rHfg==
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/
0
1016 B
XHR
General
Full URL
https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/adrum
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.7f7b11e2ec93e71bae6b513f9fdfe436.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.74.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-74-106.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ayurleap.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 12:40:32 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
Connection
keep-alive
access-control-allow-headers
origin, content-type, accept
Content-Length
0
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.fedex.com
URL
https://www.fedex.com/profile/assets/fonts/FedExSans_W-Regular.woff
Domain
www.fedex.com
URL
https://www.fedex.com/profile/assets/fonts/FedExSans_W-Light.woff
Domain
www.fedex.com
URL
https://www.fedex.com/profile/assets/fonts/FedExSans_W-Bold.woff
Domain
www.fedex.com
URL
https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Regular.woff
Domain
www.fedex.com
URL
https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Light.woff
Domain
www.fedex.com
URL
https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Bold.woff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fedex (Transportation)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • oncontextlost (object)
  • oncontextrestored (object)
  • structuredClone (function)
  • launchQueue (object)
  • onbeforematch (object)
  • getScreenDetails (function)
  • queryLocalFonts (function)
  • navigation (object)
  • $ (function)
  • jQuery (function)
  • logInCallback (undefined)
  • logoutCallback (undefined)
  • ADRUM (object)
  • adrum-start-time (number)
  • setImmediate (function)
  • clearImmediate (function)
  • SHFAuthenticated (function)
  • SHFBeforeLogout (function)
  • SHF_doLogin (function)
  • SHF_doLogout (function)
  • SHF_isLoggedIn (function)
  • SHF_removeRedirectCookie (function)
  • FDX (object)
  • SHF_onLocaleChange (function)
  • SHF_host (string)
  • SHF_locale (string)
  • SHF_fetchHeaderFooter (function)
  • SHF_HeaderFooter (function)

1 Cookies

Domain/Path | Name / Value
ayurleap.com/ | Name: PHPSESSID, Value: 1470b9619016d4ccbab15ce3446bd1fc

20 Console Messages

Source | Level | URL | Message
network error URL: https://ayurleap.com/L1zl/Qd_v/-/s/EWWUruRg/7m7hLmQbrE/WV47agRFFAY/LWFiIF/EweHE
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ayurleap.com/ayurleap/8-es2015.94491bd6ef2c11f603cd.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ayurleap.com/ayurleap/main-es2015.f6578e804214b3373c8e.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ayurleap.com/ayurleap/polyfills-es2015.8c4f6927b164e7fe278d.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ayurleap.com/ayurleap/runtime-es2015.05f3407a785bf968a9aa.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ayurleap.com/ayurleap/7-es2015.d20e999acc45011f3531.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ayurleap.com/ayurleap/common-es2015.256582805e27d903c788.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://ayurleap.com/ayurleap/signin
Message:
Access to font at 'https://www.fedex.com/profile/assets/fonts/FedExSans_W-Bold.woff' from origin 'https://ayurleap.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.fedex.com/profile/assets/fonts/FedExSans_W-Bold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ayurleap.com/ayurleap/signin
Message:
Access to font at 'https://www.fedex.com/profile/assets/fonts/FedExSans_W-Light.woff' from origin 'https://ayurleap.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www.fedex.com' that is not equal to the supplied origin.
network error URL: https://www.fedex.com/profile/assets/fonts/FedExSans_W-Light.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ayurleap.com/ayurleap/signin
Message:
Access to font at 'https://www.fedex.com/profile/assets/fonts/FedExSans_W-Regular.woff' from origin 'https://ayurleap.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.fedex.com/profile/assets/fonts/FedExSans_W-Regular.woff
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ayurleap.com/ayurleap/scripts.e6c3138b82d02fb98c8f.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://ayurleap.com/ayurleap/signin
Message:
Access to font at 'https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Regular.woff' from origin 'https://ayurleap.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Regular.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ayurleap.com/ayurleap/signin
Message:
Access to font at 'https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Light.woff' from origin 'https://ayurleap.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Light.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ayurleap.com/ayurleap/signin
Message:
Access to font at 'https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Bold.woff' from origin 'https://ayurleap.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Bold.woff
Message:
Failed to load resource: net::ERR_FAILED