r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2404
Expires: Sun, 04 Dec 2022 20:21:31 GMT
Date: Sun, 04 Dec 2022 19:41:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14967
Expires: Sun, 04 Dec 2022 23:50:54 GMT
Date: Sun, 04 Dec 2022 19:41:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4765
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 19:41:27 GMT
Last-Modified: Sun, 04 Dec 2022 18:22:02 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OEfL4tSzLMbZvSMkI8av8qa+1rl6qYAMxb2cZSD5Vo0WbNZuEtHVMtnQoqSsyeoUzMN8mHvCNvk=
x-amz-request-id: 2BFSMNBR1BZFX675
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 18:47:39 GMT
age: 3228
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 19:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1383
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/
139.59.81.175301 Moved Permanently 162 B URL HTTP/1.1 xenodochial-allen.139-59-81-175.plesk.page/
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET / HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 04 Dec 2022 19:41:27 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://xenodochial-allen.139-59-81-175.plesk.page/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 19:08:58 GMT
cache-control: public,max-age=3600
age: 1950
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4754
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 19:41:28 GMT
Last-Modified: Sun, 04 Dec 2022 18:22:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.210.150.237101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.150.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oGpkM4XOYZ4yZWX2ZSUaKA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tIXDk9vkP54SxWqjQU9SlpiiEQ0=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 41c73bfeb0f858e02806eed3a8107e63
7d62ce17457268418117c225f182b9ebd80e2b07
3bfc16b4dba020ee791318c3e279ef97c5c60f3dae55e3652dc4189371f6075f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3BFC16B4DBA020EE791318C3E279EF97C5C60F3DAE55E3652DC4189371F6075F"
Last-Modified: Sat, 03 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Dec 2022 01:41:28 GMT
Date: Sun, 04 Dec 2022 19:41:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19655
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 19:41:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19655
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 19:41:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19655
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 19:41:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19655
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 19:41:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19655
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 19:41:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 79048
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1a6f4805f59db44f9d3520d88701a58
6a0258e8c97ce09f1723382c8a16d9682b7dc50c
ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7503
x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZjCGkVIAMFpsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:23:21 GMT
age: 44288
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 79130
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 78707
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 78688
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 49569
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/
139.59.81.175302 Found 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET / HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 19:41:30 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: verification/
x-powered-by: PHP/8.0.26, PleskLin
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/
139.59.81.175200 OK 11 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1057)
Hash b709b27d61870bd9cd6a21da13579c2a
5947fe65ac9792891c7f239baa0f0d8701edf317
069be79784f6004d6eb4dc6f2eabe2ad12802fefe9626bb13d0b37b707b51c7e
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/ HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:30 GMT
content-type: text/html; charset=UTF-8
content-length: 10582
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/8.0.26, PleskLin
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/require-jquery.js
139.59.81.175200 OK 92 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/require-jquery.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash 6ce214c362fc1910a6ccda7dde4f1628
a3c400aa0daaa3a2f5b285feccb369e35b486a89
20c4e055502233d4088725a990c6d26894639753e810ae967bfa21915ea61be7
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/require-jquery.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
content-length: 92
x-accel-version: 0.01
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "4a-5bec11520f400-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/search.svg
139.59.81.175200 OK 1.5 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/search.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ace472e478185d5f5ecd18c7d821eff7
c4c97892e41d3dd838912c42fd7a7b212f671d1b
c8b13b10e28b6b420151db578831a416b7c1805d7672eeb57e69dc697fda1e27
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/search.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 1465
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-5b9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/go-now(1).png
139.59.81.175200 OK 8.0 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/go-now(1).png
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
GET /verification/files/go-now(1).png HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/png
content-length: 8026
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-1f5a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/location.svg
139.59.81.175200 OK 2.6 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/location.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9b913bc84d41ec1c78da5889d36e1431
21b0075c9ec43a7ec769dde1d1ec8149b0686c0f
87d11356a8f76ef3af3c6d46bc4958cf3746e9a5b69e81d1df952b274319f539
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/location.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 2586
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-a1a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/calculate_price.svg
139.59.81.175200 OK 2.3 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/calculate_price.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6204f7fb48ef86964b4b1cce343ebdde
d60b7e47e22615fdea2a24e102200090b466b862
edbb6a59137018b9a8229184aac04a2661787564cdf4484229bee96d7c11e771
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/calculate_price.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 2302
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-8fe"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/logo-sb.svg
139.59.81.175200 OK 3.6 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/logo-sb.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0418f7120dc6cdd1d7aa0f8219ec9af2
3bb6c6edee3cc1c072117795611e2f67383cdc44
4b5aaf0dc8f59e71849219fae0a225aeb3914bebcc363753f22b5713627b0094
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/logo-sb.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 3557
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-de5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/helpers.js
139.59.81.175200 OK 358 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/helpers.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (695), with no line terminators
Hash 2fc1a84aa717ba9ca2584c632d0bfb42
e3f89c1d5741bd85f5b20923a71a53115d0aa6b4
faac3ddb5c8775e66d1d0d3fa7f81695abe17c196589f02d31cd1bc9e91fcac3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/helpers.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
content-length: 358
x-accel-version: 0.01
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "2b7-5bec11520f400-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/megamenu-v2.css
139.59.81.175200 OK 6.8 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/megamenu-v2.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (44725), with no line terminators
Hash dd50b1e7c48b91dd98cd1c4867986016
ce53d0a3e6f83adb82d5c28b7c8b5f454d8fb4b7
94c4ef480107c88b3339dbd6ab209b8caa82eb247ca2968831f6c459c7a2d90f
GET /verification/files/megamenu-v2.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-aeb5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
104.17.224.78200 OK 0 B URL HTTP/2 fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
IP 104.17.224.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 19:41:32 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: T0ZH1hXNoB6jtguc1LneBuShAW+pnL1xXkATYgstf9s/Ek+CPWrz2AkHZOlSFb4Uzx1M4Yl24Z8=
x-amz-request-id: PR33JFF0ZQ6CYPJT
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 133745
accept-ranges: bytes
set-cookie: __cf_bm=FvgocKYSHFVXbyVTw3kN1bxRW1.MpBUfNpz.jLbJqzA-1670182892-0-Adlg9Z6l5uMeeyKm4P1JrSnDWG98NYAbfkMJVIyqBdRnwNqmbXbkoiKf8Fj7Nrgjqf6QDecnWdJ1XYBvLdHyzHc=; path=/; expires=Sun, 04-Dec-22 20:11:32 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 774705242e79b500-OSL
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/go-now.png
139.59.81.175200 OK 20 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/go-now.png
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Hash d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
GET /verification/files/go-now.png HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/png
content-length: 20334
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-4f6e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/mailman.svg
139.59.81.175200 OK 1.8 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/mailman.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1426a5796b4337302ee498d4a9265b38
c3b2b8042eb536d43101c5281d5aae8244d1e0e1
87f26b59587d5549f99b77e77519bf17b625c6a693931f54f62accac834e6ff1
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/mailman.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 1827
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-723"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/header-init-search.js
139.59.81.175200 OK 333 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/header-init-search.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 9673ae677904a3355314af8be4df2483
e6458d61b4d532f9d6b3574f3ad525820fc14790
ea58539a8d67fbe400e5c6279a761239e34b0ebef65764bfd6cf14989b8a6140
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/header-init-search.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
content-length: 333
x-accel-version: 0.01
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "388-5bec11520f400-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/go-now(3).png
139.59.81.175200 OK 20 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/go-now(3).png
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 6311ef7a60f86d77aa48fcc48a675a31
96bc8b2fe87b126ffbf0d7b7ad8419661cb6bd9c
70d715475fb0a4756fc65c50cbb2cf0ca15f7311efc6c54b18e045e6ab202251
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
GET /verification/files/go-now(3).png HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/png
content-length: 19969
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-4e01"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/find_zip.svg
139.59.81.175200 OK 1.5 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/find_zip.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash e30aab66bad715f4fef4b6c42f8490d2
40be7a560b0687cf57c7ef0c0600ca08203a680c
aa6ff55c203834f667cbb01cedb0d409ff3b8f1b5a4de8c89a79b2e7034a8001
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/find_zip.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 1471
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-5bf"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/logo_mobile.svg
139.59.81.175200 OK 2.1 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/logo_mobile.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f8ad388b3e39b860c97de0029ae98a21
9b032ef4ef4100dda1ba44be4836e6956b11387c
9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/logo_mobile.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 2060
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-80c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/tracking.svg
139.59.81.175200 OK 1.6 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/tracking.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 2fb7b372aea93502ca192e5a633d1aa1
ce358703cce32b2176cf6ec94e17341cb6f93f03
58ad849f3ea489d0b2ee4f0dd1e4fd0b613a5248fd6b127a4479646ce4735593
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/tracking.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 1561
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-619"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/hamburger.svg
139.59.81.175200 OK 546 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/hamburger.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash 37c94e8de8729be2b0b9833bafa28f3b
c675396f6d65666dd6047b6e92cbd5429556dbac
b95f434286744e3dbaf5bc56f41d4ce2640da3038461502f7ac243a5931e9435
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/hamburger.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 546
x-accel-version: 0.01
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "222-5bec11520f400"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/stamps.svg
139.59.81.175200 OK 1.1 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/stamps.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 2e722b55bb31b83042310fbf5b45128d
cb6cd5c99c06ba8c04c7795dea4d13241eaaa045
0b68e5b64999ab2e6d137a1886410cc9e8bed0b3863aacd838a3eb008f2bb516
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/stamps.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 1103
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-44f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/po_box.svg
139.59.81.175200 OK 1.6 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/po_box.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d3793852de4f419211843c1f4c05ddb4
8c7eccab4e3865a04553d720c150e4506d8990a0
7487a4b55d8cb9a837520dcb7ea5e50c915b5797c165f9bf7a7a3f8fe468a0a0
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/po_box.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 1639
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-667"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/schedule_pickup.svg
139.59.81.175200 OK 1.8 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/schedule_pickup.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d627861a77e755da093cae9b4db00b7b
fc5ac7d6bc6bf06f53b399848be232b35aa2c5b1
2a5e1fdc8e264327be71c3063cc6bf1dd8a618576310a5d26dc31ba8d6f83616
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/schedule_pickup.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 1775
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-6ef"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/change_address.svg
139.59.81.175200 OK 1.9 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/change_address.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 3955e49630deb78cc1212ba20d83bafc
881ba502127d57c48784703683869abf4c8e28d8
b84842a014070d9363a46638e512476260162014c9bde4bcca7a9ade4177ea12
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/change_address.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 1869
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-74d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/holdmail.svg
139.59.81.175200 OK 1.4 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/holdmail.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4c8f3d7064524311ef86ddd0ded768d1
53ca5f29f603435821d07019cf123e430626f54e
2d45f10e1a6925e9500a4fb6e0223ce4ddfb492a914472ca8229fa01e3f94afa
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/holdmail.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 1448
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-5a8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/free_boxes.svg
139.59.81.175200 OK 1.1 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/free_boxes.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash dc788e0d1e8c7d9463a99882e622730c
a079d9612a9c119a9419b620d9dcfc141dd7e011
a3f1dfab56de547e28606e3e2150167339be6a35c8385486066924874d14df47
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/free_boxes.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 1066
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-42a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/go-now(4).png
139.59.81.175200 OK 22 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/go-now(4).png
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
GET /verification/files/go-now(4).png HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/png
content-length: 22133
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-5675"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/featured_clicknship.svg
139.59.81.175200 OK 1.1 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/featured_clicknship.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Hash 375ed61778c1a49c8d1ea21f31748719
476785aa7126fbd9dcaa3bce84b57c3c120bd5a4
23edd9ac5dba678e1e5f97f2397a69d295e257c4a56e462c686557246081ffa2
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/files/featured_clicknship.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/svg+xml
content-length: 1078
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-436"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/go-now(2).png
139.59.81.175200 OK 27 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/go-now(2).png
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash b596424d2e958b51d7a68b46cadb6855
77eeeff212b8cd75a31beb954907e20bc5f8c831
daaeb825e97d878d0b5d5dfce37a2dd592ac0e1c5b887e24705835442d317365
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
GET /verification/files/go-now(2).png HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: image/png
content-length: 26972
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: "60632950-695c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xenodochial-allen.139-59-81-175.plesk.page
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 04 Dec 2022 19:41:32 GMT
server: ECAcc (ska/F7BB)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xenodochial-allen.139-59-81-175.plesk.page
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 04 Dec 2022 19:41:32 GMT
server: ECAcc (ska/F779)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xenodochial-allen.139-59-81-175.plesk.page
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 04 Dec 2022 19:41:32 GMT
server: ECAcc (ska/F7B7)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/schedule_pickup.svg
192.229.221.165200 OK 923 B URL HTTP/2 www.usps.com/assets/images/home/schedule_pickup.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9f9e044f92360c82183e3a31b774e7b2
273798ee8d4dead89367b835cdb7f65f51e81b47
e4b7ae480aae11558a890826cde2cc6fa10039a787052dfc72cdad3e7a772373
GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 66636
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "6ef-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/732F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 923
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/cards-and-envelopes.svg
192.229.221.165200 OK 1.1 kB URL HTTP/2 www.usps.com/test/nav/images/cards-and-envelopes.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5d63c3636efb2bbcb327ed13b714367b
c7e326811c101213173c2a585d1e9700731816ed
c63dd4b3239df8b0709202228ad62b9e06ec96c346d8f86f9e33a554973b795f
GET /test/nav/images/cards-and-envelopes.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 28543
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "8a9-560f10e8c16c0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:11 GMT
server: ECAcc (dcb/7F6F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1056
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/footer-sb.css
139.59.81.175200 OK 1.6 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/footer-sb.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (3179), with CRLF line terminators
Hash c3afb08998495384ff5129e6f6f4c849
c8b467dbe63a7607af9c13b648a5ce58fe287602
98c04b6c4c8a0f88c55a6efc91c4ce14c91f4226cd98313ead41e96748ef93ed
GET /verification/files/footer-sb.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-c6d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/tracking.svg
192.229.221.165200 OK 844 B URL HTTP/2 www.usps.com/assets/images/home/tracking.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 04034bbe69ef912819cee070ff866703
2c96d71004568c2b460a7f8b796ae45ad89999ec
959755a6f38fb278acd6abb223db552ecf757c291f437149663009aafb83a181
GET /assets/images/home/tracking.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 82948
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "619-5494e7f71e280+gzip"
last-modified: Fri, 24 Feb 2017 22:46:18 GMT
server: ECAcc (dcb/7E95)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 844
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/holdmail.svg
192.229.221.165200 OK 768 B URL HTTP/2 www.usps.com/assets/images/home/holdmail.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 2f40bbb9da0d97f2ba3f3efcfd7533af
34c76f88cdda4be234b58a76e466bc7a972f14ea
f1d176e77951f74582e7e311d99f98f7ce582bdb30051987f257eb3393ee2069
GET /assets/images/home/holdmail.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 66733
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "5a8-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7EFC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 768
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/search.svg
192.229.221.165200 OK 795 B URL HTTP/2 www.usps.com/assets/images/home/search.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ccfe748c6040d78e356b03d1a731585e
3e15bb471b3c3d0a5cebc3ccd137b5daf9273b7e
9a1b75fecaa2e0de127c36ddbb63c1bc2c44b3f81eed395734dee1ce837162fe
GET /assets/images/home/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 66072
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "5b9-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7F4B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/metrics-all.js
139.59.81.175200 OK 3.9 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/metrics-all.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash f0d8090415e2223f4d11d04aef369c92
cb193c899cb57779864780bb757d46a761fe2a92
125fa0bcc4be13d020ab02583c230ff6d08ced3d0b626b3eea8c958a0871672a
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/metrics-all.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-2bde"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/optimize.js
139.59.81.175200 OK 34 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/optimize.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1972)
Hash 4188d4f271a9ebfb123bcad99a55ec69
3aa46ea45a19a1f619bd291de51af10654d7e806
64de0820790d661f1571bcd2ba8c52d8b7ca0e0bd79f71f30041db2550c47d13
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/optimize.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-16b8d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/location.svg
192.229.221.165200 OK 1.2 kB URL HTTP/2 www.usps.com/assets/images/home/location.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9d8433f178d5a7b839a8bf25552c62b0
c21cec68e524862992f4aa51bf6955b953a65112
d01cb5a23f9b7f4a0a3db27cfd3d90e3813e75ed498fdbabe4df3a859390bd4f
GET /assets/images/home/location.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 66259
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "a1a-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7F25)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1209
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/calculate_price.svg
192.229.221.165200 OK 772 B URL HTTP/2 www.usps.com/assets/images/home/calculate_price.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 42af7d5484bf8f80ac930313caa5941f
c3dbaf338d7fa81845487333c0cba5b8341bd140
f8f9b52e8d7b815deba988cfcdc6596e9e7b6671075907290c8e96679b18fb2c
GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 66701
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/7304)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/featured_clicknship.svg
192.229.221.165200 OK 493 B URL HTTP/2 www.usps.com/assets/images/home/featured_clicknship.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Hash efb53558ef3932a80523af92bdda2085
1a97f57d64bc76f296423e1ddbdba9bc71b6d754
f0a25ce9d4e04e6b12bfc528584d599d5e472238849b0e1c66ff5357058d38fe
GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 66783
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dcb/7F6B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/collectors.svg
192.229.221.165200 OK 561 B URL HTTP/2 www.usps.com/test/nav/images/collectors.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8439e88bd2e43656b157f9c184635032
ddcb40776177a5eac36973e53f2f8bab73e65ea3
5ea3f924c3453a9b8a3f79251377f385f83c8cf9618129427795adf186b9338e
GET /test/nav/images/collectors.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 66650
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "461-560f10f803ac0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:27 GMT
server: ECAcc (dcb/7FEB)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 561
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/qt.css
139.59.81.175200 OK 9.8 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/qt.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1599), with CRLF, LF line terminators
Hash cc888a8f7ce3b3b547a55d09498027bd
788274c5a666798351c18d9dbe4a95ac030d7f4f
35e096719f90a357aecee3618054792a77b9d4e84aee7f4d39d8277af56961e8
GET /verification/files/qt.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-c800"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/jquery.min.js(1).download
139.59.81.175404 Not Found 921 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/jquery.min.js(1).download
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fb850f967c5c02bafaad84292074d36d
e91e0f43192a123bc160fddb982fe2bbd2260a0f
9672f1dd64d018f7a0c97cfeeef5dfe45d3ce70d329f2e383057c625a2ae74cc
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/jquery.min.js(1).download HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/html
last-modified: Fri, 05 Aug 2022 19:35:32 GMT
etag: W/"328-5e58391c54e6b"
content-encoding: br
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xenodochial-allen.139-59-81-175.plesk.page
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 04 Dec 2022 19:41:32 GMT
server: ECAcc (ska/F6EC)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xenodochial-allen.139-59-81-175.plesk.page
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 04 Dec 2022 19:41:32 GMT
server: ECAcc (ska/F6BE)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xenodochial-allen.139-59-81-175.plesk.page
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 04 Dec 2022 19:41:32 GMT
server: ECAcc (ska/F7A8)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2
139.59.81.175404 Not Found 808 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2 HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 19:41:32 GMT
content-type: text/html
content-length: 808
last-modified: Fri, 05 Aug 2022 19:35:32 GMT
etag: "328-5e58391c54e6b"
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2
139.59.81.175404 Not Found 808 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2 HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 19:41:32 GMT
content-type: text/html
content-length: 808
last-modified: Fri, 05 Aug 2022 19:35:32 GMT
etag: "328-5e58391c54e6b"
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2
139.59.81.175404 Not Found 808 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2 HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 19:41:32 GMT
content-type: text/html
content-length: 808
last-modified: Fri, 05 Aug 2022 19:35:32 GMT
etag: "328-5e58391c54e6b"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.usps.com/global-elements/lib/script/require-jquery.js
192.229.221.165200 OK 74 B URL HTTP/2 www.usps.com/global-elements/lib/script/require-jquery.js
IP 192.229.221.165:0
File type ASCII text, with no line terminators
Hash ea38e8196b75d9720bc3902d6d735130
165284464c58d7f213c1211f2c433873299e4527
cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9
GET /global-elements/lib/script/require-jquery.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 52479
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "4a-5057c23aa4c00"
last-modified: Wed, 15 Oct 2014 20:40:16 GMT
nncoection: close
server: ECAcc (dcb/7F20)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 74
X-Firefox-Spdy: h2
www.usps.com/global-elements/header/script/search-fe.js
192.229.221.165200 OK 930 B URL HTTP/2 www.usps.com/global-elements/header/script/search-fe.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (2264), with no line terminators
Hash 044ed97a28abfb41b4962d4be4f1a9a2
376bd4af5ff97565cf9565904b615bffbea08690
19c16113aa7d624c43ffefd992d78b420fc3a195d99578684d0abf52fbabce71
GET /global-elements/header/script/search-fe.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 7429
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "8d8-5d77081c47c40+gzip"
last-modified: Mon, 07 Feb 2022 16:58:17 GMT
server: ECAcc (dcb/7FD8)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 930
X-Firefox-Spdy: h2
www.usps.com/global-elements/lib/script/helpers.js
192.229.221.165200 OK 358 B URL HTTP/2 www.usps.com/global-elements/lib/script/helpers.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (695), with no line terminators
Hash a94bd840611f82766bdd01435e0325d4
195b9eccc89fd504aaa416ecfc05b277e3b1862b
c9df217c213bc4a79f26f7996533f4e02e031f82d7f1b88ccdc0f39504573d46
GET /global-elements/lib/script/helpers.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26676
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "2b7-505dad4fe5380+gzip"
last-modified: Mon, 20 Oct 2014 13:38:38 GMT
server: ECAcc (dcb/7338)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 358
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/utility_languages.png
192.229.221.165200 OK 1.5 kB URL HTTP/2 www.usps.com/assets/images/home/utility_languages.png
IP 192.229.221.165:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 410956805d5701e87299cff412827e1a
5de9a390649dfc12e3d6df431140d499ad8abd67
6e727dbf5b0f4a3ec76762e445ad2c5cb750f7de41afb8b0342f903124d09826
GET /assets/images/home/utility_languages.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 66506
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sun, 04 Dec 2022 19:41:32 GMT
etag: "5b0-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7E8E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1456
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/footer.css
139.59.81.175200 OK 2.1 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/footer.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2933), with no line terminators
Hash c50fba0b6428aebc494aa51cc7db1df7
e4a7dbdd64ee9a763826e70a0f586f6aa344256b
947f96fec225caaf7a9a5e9e7b97bdf19bfe06bd65604c5c4c5bd37dc896c13f
GET /verification/files/footer.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-b75"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/tracking-cross-sell.css
139.59.81.175200 OK 1.7 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/tracking-cross-sell.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (3075), with no line terminators
Hash 542aad681ab2c2954c50eb172c7c93be
3002be51b4e9ad5504676ae9b286e65c38edde3c
5acf251e1d40904786b03a961e8fdd5b330103e8cf647bc3735159e727e456c8
GET /verification/files/tracking-cross-sell.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-c03"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/utility_customer_service.png
192.229.221.165200 OK 1.3 kB URL HTTP/2 www.usps.com/assets/images/home/utility_customer_service.png
IP 192.229.221.165:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 3500d365cd94527c71fe9c70d5cda435
0c7bede628d74cefaf5fce1b675c0ce3c72c78c9
34b28a24c5414dab68a15be6613536d905faf33fbf1aed8ee4702caa60be9bca
GET /assets/images/home/utility_customer_service.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 66175
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sun, 04 Dec 2022 19:41:33 GMT
etag: "51b-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7EB6)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1307
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/main.css
139.59.81.175200 OK 13 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/main.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (49380), with CRLF line terminators
Hash c480ba8212c41396f8f89922e01337a1
46304d8e35cd7ed2d5cd3290cedd1c8e21da800b
36fa023f80ac96dfd34c69c40ab20bf702921741db57a0ab742b3db487facf4b
GET /verification/files/main.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-1370f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/jquery-ui.min.css
139.59.81.175200 OK 8.0 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/jquery-ui.min.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (29153), with CRLF line terminators
Hash ba630122aa1dcd2f6a1f8c3f59bf80b9
5e90798816005f48f09fbca94adde56cef072564
13c435e6f635118ef2a5d01125d825fc88d86b0f473bb2143ed02d99707af039
GET /verification/files/jquery-ui.min.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-7d19"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.usps.com/global-elements/footer/script/jquery-3.5.1.js
192.229.221.165200 OK 31 kB URL HTTP/2 www.usps.com/global-elements/footer/script/jquery-3.5.1.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 2a0ef702291c837a85b6c7c2275fdac6
7937023d7bc07c2a6d1e29f316836995fbdbf997
921bf2826576dbc494161d3021ee21b0b844ed89f0b2b630e7d579b69ab1a9ba
GET /global-elements/footer/script/jquery-3.5.1.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 54673
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Sun, 04 Dec 2022 19:41:33 GMT
etag: "15d84-5affcd6633ac0+gzip"
last-modified: Wed, 23 Sep 2020 15:35:47 GMT
server: ECAcc (dcb/7F9B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 30950
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff
139.59.81.175404 Not Found 808 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 19:41:33 GMT
content-type: text/html
content-length: 808
last-modified: Fri, 05 Aug 2022 19:35:32 GMT
etag: "328-5e58391c54e6b"
accept-ranges: bytes
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff
139.59.81.175404 Not Found 808 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 19:41:33 GMT
content-type: text/html
content-length: 808
last-modified: Fri, 05 Aug 2022 19:35:32 GMT
etag: "328-5e58391c54e6b"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.usps.com/global-elements/lib/script/resize-manager.js
192.229.221.165200 OK 468 B URL HTTP/2 www.usps.com/global-elements/lib/script/resize-manager.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (1040), with no line terminators
Hash 7dfda1d5c69fea0090eb0e1dd8f9cc69
731696ce554e4a61def2c1b2c42f593b2d663ec2
f59a56b127f6d56e1af875fde9db49dcd3fc70cd952445b3f0d259f4acc52a5e
GET /global-elements/lib/script/resize-manager.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 80278
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Sun, 04 Dec 2022 19:41:33 GMT
etag: "410-5057c23b98e40+gzip"
last-modified: Wed, 15 Oct 2014 20:40:17 GMT
server: ECAcc (dcb/7F54)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 468
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/global-elements/footer/images/footer-logo.png
139.59.81.175404 Not Found 1.2 kB URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/global-elements/footer/images/footer-logo.png
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65ef9ca0392d3e90efec59fbcb273be
9f5712dc3db8ae0c15159505a027c24307ac716c
ff27631fbff99698001991875e83ffb55ce85a29fc2b4c07c8aa8290f8955e39
GET /global-elements/footer/images/footer-logo.png HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/files/footer-sb.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 19:41:32 GMT
content-type: text/html
last-modified: Fri, 05 Aug 2022 19:35:32 GMT
etag: W/"328-5e58391c54e6b"
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/bootstrap.min.css
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/bootstrap.min.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
GET /verification/files/bootstrap.min.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-1d903"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/ge-login.js
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/ge-login.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/ge-login.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-245d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/require.js
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/require.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/require.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-440f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/search-fe.js
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/search-fe.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/search-fe.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-8bb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/datepicker3.css
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/datepicker3.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
GET /verification/files/datepicker3.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-527d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/resize-manager.js
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/resize-manager.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/resize-manager.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-410"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/OneLinkUsps.js
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/OneLinkUsps.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/OneLinkUsps.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-e37"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/jquery.min.js
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/jquery.min.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/jquery.min.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-14b60"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/jquery-3.5.1.js
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/jquery-3.5.1.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/jquery-3.5.1.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-15d84"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf
139.59.81.175404 Not Found 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 19:41:33 GMT
content-type: text/html
last-modified: Fri, 05 Aug 2022 19:35:32 GMT
etag: W/"328-5e58391c54e6b"
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/megamenu.js
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/megamenu.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/megamenu.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-3651"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf
139.59.81.175404 Not Found 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 19:41:33 GMT
content-type: text/html
last-modified: Fri, 05 Aug 2022 19:35:32 GMT
etag: W/"328-5e58391c54e6b"
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/images/nav-red-chevron.svg
139.59.81.175404 Not Found 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/images/nav-red-chevron.svg
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/images/nav-red-chevron.svg HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/files/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 19:41:32 GMT
content-type: text/html
last-modified: Fri, 05 Aug 2022 19:35:32 GMT
etag: W/"328-5e58391c54e6b"
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/calendar.css
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/calendar.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
GET /verification/files/calendar.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-38fd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/jquery-3.2.1.js
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/jquery-3.2.1.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/jquery-3.2.1.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-15283"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/main-sb.css
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/main-sb.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
GET /verification/files/main-sb.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-225c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/modernizr.js
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/modernizr.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/modernizr.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-2bfd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/schedule-redelivery.css
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/schedule-redelivery.css
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
GET /verification/files/schedule-redelivery.css HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-59fe"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf
139.59.81.175404 Not Found 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 19:41:33 GMT
content-type: text/html
last-modified: Fri, 05 Aug 2022 19:35:32 GMT
etag: W/"328-5e58391c54e6b"
content-encoding: br
X-Firefox-Spdy: h2
xenodochial-allen.139-59-81-175.plesk.page/verification/files/megamenu-additions.js
139.59.81.175200 OK 0 B URL HTTP/2 xenodochial-allen.139-59-81-175.plesk.page/verification/files/megamenu-additions.js
IP 139.59.81.175:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /verification/files/megamenu-additions.js HTTP/1.1
Host: xenodochial-allen.139-59-81-175.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xenodochial-allen.139-59-81-175.plesk.page/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:41:31 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 13:36:16 GMT
etag: W/"60632950-541"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2