Report - qutana.co.ke/2parceltr5acks8/verification/

Report Overview

Submitted URL
qutana.co.ke/2parceltr5acks8/verification/
IP
170.10.162.193
ASN
#32748 STEADFAST
Submitted
2023-04-21 18:40:31
Access
public
Website Title
Final URL
Tags
usps logistics phishing
urlquery detections
Phishing - US Postal Service

Detections

urlquery
72
Network Intrusion Detection
0
Threat Detection Systems
104

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
tools.usps.com	12881	2013-04-18	2023-04-21	457 B	1.3 kB	192.229.221.165
qutana.co.ke	unknown	2019-07-23	2023-02-21	36 kB	367 kB	170.10.162.193
fast.fonts.net	2905	2013-07-13	2023-04-20	460 B	843 B	104.17.225.78
www.usps.com	11794	2012-05-24	2023-04-20	14 kB	81 kB	192.229.221.165

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/jquery.min.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/metrics-all.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/optimize.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/helpers.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/search-fe.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/jquery.min.js(1).download
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/hamburger.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/logo-sb.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/logo_mobile.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/search.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/mailman.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/tracking.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/location.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/schedule_pickup.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/stamps.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/calculate_price.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/find_zip.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/holdmail.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/change_address.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/free_boxes.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/po_box.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/featured_clicknship.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/require-jquery.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/resize-manager.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/OneLinkUsps.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/megamenu.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/ge-login.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/megamenu-additions.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/header-init-search.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/jquery-3.2.1.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/modernizr.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/require.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/require-jquery.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/helpers.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/search-fe.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/resize-manager.js
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/files/jquery-3.5.1.js
2023-04-21	medium	qutana.co.ke/global-elements/header/images/utility-header/mailman.svg
2023-04-21	medium	qutana.co.ke/global-elements/header/images/package-intercept.svg
2023-04-21	medium	qutana.co.ke/global-elements/header/images/schedule-redelivery.svg
2023-04-21	medium	qutana.co.ke/global-elements/header/images/icon-personalize-stamped-envelopes.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/images/nav-red-chevron.svg
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf
2023-04-21	medium	qutana.co.ke/2parceltr5acks8/verification/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	qutana.co.ke/2parceltr5acks8/verification/files/require-jquery.js	74 B	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/require-jquery.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:57 Times Seen9105 Hash ea38e8196b75d9720bc3902d6d735130 165284464c58d7f213c1211f2c433873299e4527 cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9 Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/helpers.js	695 B	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/helpers.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:57 Times Seen9081 Hash 5372347b4f98f60b33579180ef6a3567 02064f1641c40b35c14a0da9ee310de54ff76cd5 7fa317b049ed33139394313aba29f27b7f11a226270bf10ce1c26d674c0177e4 Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/resize-manager.js	1.0 kB	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/resize-manager.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:57 Times Seen8840 Hash 90d8fb00194d91e9dd20281817c285d6 e7e37421b14a39e0d3787988a52a45d27ec3761f 479b585bb1f3ca011746467c115b58ca0cd6ac62aa68c9d953635b3344953887 Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/modernizr.js	11 kB	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/modernizr.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:56 Times Seen5444 Hash 66e83c4165a234cdda478a9c55cb90db 22e9211030a1f612ef4acd010185181bde967307 779ab662607b48249e86f3c27e9eafff4bbc808b48899a439d5cd9b2c78f99e6 Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/metrics-all.js	11 kB	2023-03-07	2024-04-17
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/metrics-all.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-04-17 18:24:10 Times Seen1224 Hash 65ab5df156a2a51b278f9967fc154f28 db841daeeb75283b73216a616f52489f6f3bebc3 c7a923623e0ef6cf3ec2c4afa6b3f757ee1f183ac9503e7295629fff50a27597 Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/optimize.js	93 kB	2023-03-07	2024-04-17
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/optimize.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-04-17 18:24:10 Times Seen1160 Hash 8a59b241d202a479a0b46f967afcfefa 2e3e28efbc1d20256eabb526bc59b2ac17dc90f7 611e8b291568bc69886b5cf92f1cf782092132d85098e851013bcff53c3f5c92 Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/ge-login.js	9.3 kB	2023-03-07	2024-04-17
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/ge-login.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-04-17 18:24:11 Times Seen1127 Hash 252bc5d05d5ac9f132978968489a9b37 49cfe0b8d8d08038bf070f11addd9ab53c9ae67e 12de71624f55c7c5e1f462fdfde80f207c449f478917d21c82e65f5b9672cbfd Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/header-init-search.js	904 B	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/header-init-search.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:56 Times Seen6679 Hash d8cb563907e68e9649948c6f521efe60 f5b7cf8123929db8162a2af51d07dd11c21fbac3 fd1e9eadb5698c1bc534ef8a75303b3b67f5e1ab7d1b217b27b09da42aa5036a Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/jquery.min.js	85 kB	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/jquery.min.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:56 Times Seen5580 Hash 8234c1aca62c1e09cc00f7fb5908d309 831062e805247046abdbab52149b03604119fd11 e1ee1eb92c6acc3fbf821c99963ad92dd9954d576eababe7f6df6800f91bc062 Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/jquery-3.2.1.js	87 kB	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/jquery-3.2.1.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 12:42:09 Times Seen60863 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	qutana.co.ke/2parceltr5acks8/verification/	613 B	2023-03-07	2024-04-17
Pretty URL qutana.co.ke/2parceltr5acks8/verification/ IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07:04 Last Seen2024-04-17 18:24:10 Times Seen775 Hash cc297ba2a283a306536c7b47d28e5327 9bc60fc2d3f9eed2d2501080ebbdc726380975c0 3dd4de6bec3e1e7deb446cda4c080d2c9355a6a49b2cac87ad9cd6cf932d4fd2 Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/require.js	17 kB	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/require.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:56 Times Seen6768 Hash 16e572a4f80526df4bc3cc7ff056a9a8 f23b5c2fd52e855245e3d2586cd911051561e64c 75237772a7bc8c6eaadbe642be69503335c5842af8981688250a8d4f0f61c377 Loading...

	www.usps.com/global-elements/footer/script/jquery-3.5.1.js	90 kB	2023-03-07	2024-04-19
Pretty URL www.usps.com/global-elements/footer/script/jquery-3.5.1.js IP 192.229.221.165 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 12:03:13 Times Seen12824 Hash 9ac39dc31635a363e377eda0f6fbe03f 29fa5ad995e9ec866ece1d3d0b698fc556580eee 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38 Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/OneLinkUsps.js	3.6 kB	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/OneLinkUsps.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:56 Times Seen6040 Hash b60628830a1d34363f98c9443b856555 ba386fdd91d2db7fb6749982caa78bef59028077 68482663e769a15815d142d88f7a4d8105c02fe2bd37a9899a019b518f17a2b3 Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/megamenu.js	14 kB	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/megamenu.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:56 Times Seen3808 Hash f91cb845e3581dd07e23db07e02c2366 ffb9ee2cad8c59914fcc3000ba8153a167036738 df75a5a617c9d258b4127a64b9c19a4c2c8b95b2036b97530a3d513c672cf110 Loading...

	www.usps.com/global-elements/header/script/search-fe.js	2.3 kB	2023-03-07	2024-04-19
Pretty URL www.usps.com/global-elements/header/script/search-fe.js IP 192.229.221.165 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:57 Times Seen8116 Hash f7f70265f5cf47386622e433317412cb e1b28284e51c848685c7ea6d19ff551284c58e8a 766a3dfb7dab82af4fae555132f7fdbacb7d167f17015fbb23c9591daaaf698b Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/search-fe.js	2.2 kB	2023-03-07	2024-04-17
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/search-fe.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-04-17 18:24:11 Times Seen1528 Hash 418d20c9da7f39976dcd043467cd9c05 242c058aa62349fe3fa781ce9ef622f882c73d6a 55bf60330b23f3982e77dd63d9796997da15a61bddec70142f2c7eefed880c66 Loading...

	qutana.co.ke/2parceltr5acks8/verification/files/megamenu-additions.js	1.3 kB	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/files/megamenu-additions.js IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:56 Times Seen6020 Hash 847cc8bd91110ff714275c5a29fbd404 cff690cc070f9539cc1c325ed150b819018e8df7 a33554bd04b3364c1e47b719799ae0df426bb17f9c8ec422bb346227534ebdbd Loading...

	qutana.co.ke/2parceltr5acks8/verification/	24 B	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/ IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:56 Times Seen5674 Hash 56d62f55706e2e153678329e7bcd94d8 c00d14b88b1fa94b12c0aafb761e676e73758fc9 6949901ccecaa8c8c40ac181981a5a291b81648a0a5ab42223db4875bdd5235c Loading...

	qutana.co.ke/2parceltr5acks8/verification/	25 B	2023-03-07	2024-04-19
Pretty URL qutana.co.ke/2parceltr5acks8/verification/ IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:56 Times Seen1996 Hash f467b64f19191da4e5c8ac5b4edb02b2 7abcaf406c9ff382bd7f7c75c7653fbff03f0410 33c959a2c76326692f3647ba8d01dc64c6374357f098dea1db067a974843b526 Loading...

HTTP Transactions (103)

URL IP Response Size

qutana.co.ke/2parceltr5acks8/verification/

170.10.162.193

200 OK

707 B

URL User Request GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/ HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 21 Apr 2023 18:40:15 GMT
server: LiteSpeed
location: https://qutana.co.ke/2parceltr5acks8/verification/

qutana.co.ke/2parceltr5acks8/verification/files/footer-sb.css

170.10.162.193

200 OK

798 B

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/files/footer-sb.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (3179), with CRLF line terminators
Size
798 B (798 bytes)
Hash
8b7cab3058476e6b4e7ea4d274668e2a
0c065deaa425d1def273e0de471a1334ff46fc98
85cfd44c755118e839b831e4bbb6940ff14ec672e7cbf32075b706aedd00b973

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/footer-sb.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 798
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

qutana.co.ke/2parceltr5acks8/verification/files/jquery.min.js

170.10.162.193

200 OK

29 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/jquery.min.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65453)
Size
29 kB (28863 bytes)
Hash
494b9da6af3c49ed6aa465e13172be0b
df59a1e0bb394398229e84871f81c9a465e69c13
1494a61cf3bb551ee309dfdb6428c6b9bc7e4f22f6c74c45c579e747ae3c16f7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/jquery.min.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 28863
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/metrics-all.js

170.10.162.193

200 OK

3.0 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/metrics-all.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
3.0 kB (2998 bytes)
Hash
ff4a4fa1ace863f6cc9c3360cab7b52e
c426b54ccf1e9990d651d3d4fa24c3633997dac0
5e121b9ec56290b3ac723d170021406bf64ca56b9342d04bb4269cc5311b8efa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/metrics-all.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2998
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/calendar.css

170.10.162.193

200 OK

2.4 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/calendar.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (14589), with no line terminators
Size
2.4 kB (2409 bytes)
Hash
77298a269e193797cf3887b9d81dd281
14fb65a29ed6efee423a61399882040e1361e1a6
3822ab21b74ce81082b0a4eedef8d86f89c934be0f0de9ee5b7015e4a7a31be6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/calendar.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2409
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/footer.css

170.10.162.193

200 OK

809 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/footer.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (2933), with no line terminators
Size
809 B (809 bytes)
Hash
d971a7637f56e0dc4cf0fdb80f808a3c
ca16f125643ea88e75c12ab6d5e5370b97c852d9
efb7ba97d98b9f86045b51abf1e031ec7d8abfe81469c249d1e5e424bc22949a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/footer.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 809
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/datepicker3.css

170.10.162.193

200 OK

2.2 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/datepicker3.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (20872)
Size
2.2 kB (2201 bytes)
Hash
434ef40882cf76e3a14f2479fd563e56
d58caaad57ab154075db63231077ab7f0f2e7ae3
30a70e51276444fe1bd03accc93755ff155683132c07b4ba8f10ac41f4c2ce1e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/datepicker3.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2201
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/tracking-cross-sell.css

170.10.162.193

200 OK

900 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/tracking-cross-sell.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (3075), with no line terminators
Size
900 B (900 bytes)
Hash
a621018b4ec82dc0ecfe53a1be7c7127
98b1bd5d346965c091af17c1af55f6b096f8afaa
9fcf387e962cb09871c6c1db98ab55c873ea10f8c708287d1523e7f5e4b74e38

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/tracking-cross-sell.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 900
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/jquery-ui.min.css

170.10.162.193

200 OK

7.3 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/jquery-ui.min.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (29153), with CRLF line terminators
Size
7.3 kB (7296 bytes)
Hash
f7284da537ba640f699a386a4a69a28c
0f9330af7df518939ded6a88490f033417f93626
8e2353b975bfc36702c24cebeefd3a06acc526c9af324b5a2759eb7fee3402c3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/jquery-ui.min.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7296
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/main.css

170.10.162.193

200 OK

13 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/main.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (49380), with CRLF line terminators
Size
13 kB (12672 bytes)
Hash
808c951ca43b06fd4a8a20e8491441ed
5a58d716719e71422d20cc1a5faf92982fd72a15
46793f45263a6000a67e026c14011ba32cd0f64ba5bb157ad6d6a9d11c7078d3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/main.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12672
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/optimize.js

170.10.162.193

200 OK

34 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/optimize.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1972)
Size
34 kB (33916 bytes)
Hash
579b02b1f9c1f9d0792f8f60c63cea25
1ad9adee6b8c72f16ee573239ec14b50f9f19bbe
53fd65763bb61571c0dff7e4aede3f511a59f0b14e85b0d79fed8c8e6ad2cac3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/optimize.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 33916
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/bootstrap.min.css

170.10.162.193

200 OK

18 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/bootstrap.min.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65371)
Size
18 kB (18216 bytes)
Hash
48ffddcd2a2d788c86f4fb0554e1767e
cd88db8a9506edf1b59094f059bce9de4eef0a20
8fcb085d3cddbc9cfeb246e2e5a90939bcbae0d4b7268ce93f6032beb153f6aa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/bootstrap.min.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18216
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/helpers.js

170.10.162.193

200 OK

314 B

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/files/helpers.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (695), with no line terminators
Size
314 B (314 bytes)
Hash
e75cc68c4c27b12b76ae31cb2fe4eed8
94dcb708ef049e33c887b141a56450fde32e9962
1750f16e49b19c708e109d74fe019afffc546a4c6731a708e4f3d5396d960512

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/helpers.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 314
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/search-fe.js

170.10.162.193

200 OK

799 B

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/files/search-fe.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (2235), with no line terminators
Size
799 B (799 bytes)
Hash
ea0ee884dd317be7c69a2478a9883ca5
fa4cd2dd30c42992fed0c1d1d96f6cf1e9adae17
0037cd59a6f3211a5384c70bd7d75e380350cea5a60513ea80810cf9bf673f73

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/search-fe.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 799
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/jquery.min.js(1).download

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/jquery.min.js(1).download
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/jquery.min.js(1).download HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/hamburger.svg

170.10.162.193

200 OK

251 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/hamburger.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Size
251 B (251 bytes)
Hash
6117d3cf5b5f672ad9663495887f7c39
061ffb7390a757090c8fb4a98377b913e77f9057
92f4c36e86624fbf0798ec53a025dce08a015746547c11dc6c985939f00cedea

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/hamburger.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 251
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/logo-sb.svg

170.10.162.193

200 OK

1.6 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/logo-sb.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.6 kB (1558 bytes)
Hash
dc71a0b5830a88cb37bc5859ddd6febf
eaa6e0cf855bea15fa29ecb2b1e38b4517abf435
a8c267efe95994a2b7c49ea67e6799970424d0f2321a938a2f04d39655cb394a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/logo-sb.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1558
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/logo_mobile.svg

170.10.162.193

200 OK

851 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/logo_mobile.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
851 B (851 bytes)
Hash
771732e6b2c2a1d1ca6a5b4b037f4364
839ceb5132e83f66a17835133bac5760a05aed46
1dcab98190e88027b2a5decb1ec2443a3f4b7eb2c1da8b399d676f807f83f4f0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/logo_mobile.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 851
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/search.svg

170.10.162.193

200 OK

736 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/search.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
736 B (736 bytes)
Hash
8a31fb7683d2774d15cb80b2a505f8e5
c291652c4f953dda7e2811fa610a0b220b567729
55e3cf79f04aad31684bc2e714adee2a93ae1b9c0baa9edba53e01c88bcba1f5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/search.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 736
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/mailman.svg

170.10.162.193

200 OK

834 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/mailman.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
834 B (834 bytes)
Hash
d423014c1b59afeba28f902547cb4064
16e3bf3ed8b60386b0bcdcda6597962d7448e933
8bd2b2bdd887ab7b38dd4d5ac269295b94cabac1b4bb9975e5975771ac1aed4e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/mailman.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 834
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/tracking.svg

170.10.162.193

200 OK

783 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/tracking.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
783 B (783 bytes)
Hash
8f8bfc4e147a094f652e6e84f8181ccf
0e05a6ae983278a8100b9268c865c698cf0f2814
444bd01aad77fd0bf403f6f3756dbebc3ed5ca3ef3b9cbf3f3aed05df7c0a0bb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/tracking.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 783
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/location.svg

170.10.162.193

200 OK

1.1 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/location.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1136 bytes)
Hash
0a1ca1ccf5ff9f82ab21211c45a5e6fc
1f2707a14018ac29696b0aa49fb6b3079a40fde4
bcb3cdd4d30cde3422425edcb5590810a5f1cf1567f60ba75e83189515453a98

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/location.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1136
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/schedule_pickup.svg

170.10.162.193

200 OK

862 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/schedule_pickup.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
862 B (862 bytes)
Hash
34d643de940c21fc6d5e079c4909a5ed
a7b4d82d1a95ea2045c0eb736559825feee5e1b6
c1c979cf93ef93d6ee81e089b3cc1a3b3aa1345ad24e52cc8fae81b64673fe12

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/schedule_pickup.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 862
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/stamps.svg

170.10.162.193

200 OK

494 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/stamps.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
494 B (494 bytes)
Hash
c4a4a5c3990824ec4564a7690ee04238
a8783c6f91c072e51ef4a3b3299fb05c0cd1d6d0
69e5e6c9816b37c62b32102f0d40da6e1820233d775b65f105bb0c4d77c8e6ba

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/stamps.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 494
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/calculate_price.svg

170.10.162.193

200 OK

697 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/calculate_price.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
697 B (697 bytes)
Hash
839491f38b357d4730a3872555afe2a3
9fcdb6af212a53ae91acdbdcd634ab0059e3b82a
88d63b973252ac368c7a665f94767f7187cc0f2f33577eb35c4658e138267b23

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/calculate_price.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 697
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/find_zip.svg

170.10.162.193

200 OK

731 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/find_zip.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
731 B (731 bytes)
Hash
d936a0f125fcd2b02942320f296ed81d
7b882a24563b2b168d9be33677bf3d47c5d563df
46094eb27327e20f1f0f2be6560240bc4b517ef433a62cf33ab2eca665cd6507

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/find_zip.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 731
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/holdmail.svg

170.10.162.193

200 OK

714 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/holdmail.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
714 B (714 bytes)
Hash
258fb1adb2cea710eb2cb49e4a19209d
8afca7c399d8cfe698741011321ce01b11e10264
c0cae2cd29165a7f5faf47f4bce82812a9f18541f97eb2648ba1f16f9f93fdcd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/holdmail.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 714
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/change_address.svg

170.10.162.193

200 OK

879 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/change_address.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
879 B (879 bytes)
Hash
9dbbcb40275fff23cb4baeb72235f9f5
6f9b431a038a3dce39825bb59264dff4f8be21a1
f158040413f4f13d2da5d90e6d3cefb070e0da78c96a5a14efd8055f67fe6485

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/change_address.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 879
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/free_boxes.svg

170.10.162.193

200 OK

589 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/free_boxes.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
589 B (589 bytes)
Hash
6941514a626be0afaecf226056aceb8e
9eea1b943c92ac6832adc1e563c7352a193b5346
ed76b610151120054b3bcfd94090c46160d437322353af63876423fdca09b358

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/free_boxes.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 589
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/po_box.svg

170.10.162.193

200 OK

792 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/po_box.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
792 B (792 bytes)
Hash
b705487d65fd5617b8f9a25f8458e829
f9f71d6f930361e685eaa5e2f7277ae0beb502b7
d88aab56b5eecdb924dffd7c393d4a57d90a7e39864db70f09348ab3d0380d5c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/po_box.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 792
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/featured_clicknship.svg

170.10.162.193

200 OK

448 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/featured_clicknship.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Size
448 B (448 bytes)
Hash
b2d3ea1ee277752c7a64b6f73e8adeda
0eca2b23331088c8b34c0de1501b2f8a07b2afb7
818e6ce78cea3591c4a7378f0089b1f98c22c4b35072592607e714bcb52e8514

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/featured_clicknship.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 448
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/go-now(1).png

170.10.162.193

200 OK

8.0 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/go-now(1).png
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (8026 bytes)
Hash
49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/go-now(1).png HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/png
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-length: 8026
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/require-jquery.js

170.10.162.193

200 OK

74 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/require-jquery.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
74 B (74 bytes)
Hash
ea38e8196b75d9720bc3902d6d735130
165284464c58d7f213c1211f2c433873299e4527
cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/require-jquery.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-length: 74
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/qt.css

170.10.162.193

200 OK

8.9 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/qt.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1599), with CRLF, LF line terminators
Size
8.9 kB (8942 bytes)
Hash
1f0306d4d634b61bca46109109dec66d
0547edad174ea1c7a7d8d5ffebbbf90e0e0b5c70
5f3fb9e9255d6c5374844408a78d7d83a37cbdd2a9735d0f390a19c10f1d5387

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/qt.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8942
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/resize-manager.js

170.10.162.193

200 OK

417 B

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/files/resize-manager.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1040), with no line terminators
Size
417 B (417 bytes)
Hash
06a6490f93fd2e90941576b9583722d7
6ac7043c93f45d6e392b14e83ad7dca79d8ab623
fa94534c931296f521d93e709d4bc0ad86a974337a18e899f5540b8fd97cefd8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/resize-manager.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 417
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/OneLinkUsps.js

170.10.162.193

200 OK

968 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/OneLinkUsps.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
968 B (968 bytes)
Hash
484c16236c8b086697e1c0ba0923e260
111a494b43f4970ddae144cc2984e47b7c87c7ce
fb45e2f7f5e6a2247b801963c1310834fbead57a45e013102f7b24689e6c1ea7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/OneLinkUsps.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 968
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/megamenu.js

170.10.162.193

200 OK

2.8 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/megamenu.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (3410), with CRLF line terminators
Size
2.8 kB (2804 bytes)
Hash
91ceaecc96c67c4f29d9a2d5a92c8be9
df2f3b529f82b3998ea7793609a535b3a6f5c8ec
6eea5cbbcb335fbbeed57e54746cfc6e3535d1b28ede03a27748f2aaa6e37981

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/megamenu.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2804
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/ge-login.js

170.10.162.193

200 OK

2.4 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/ge-login.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2417 bytes)
Hash
3a11d9b87517c9b0eb5b1c76382c1c14
89e1a98e09ef861528b519d683adbc7c2e4a90f6
d1041f1cee8bfae9f42328f21bc11239edeb952e99ef8f18789b04cc71be43c1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/ge-login.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2417
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/megamenu-additions.js

170.10.162.193

200 OK

439 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/megamenu-additions.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
439 B (439 bytes)
Hash
2314844e53ddac651856f961e0f5bd44
028d8c74db248ba1128adbac67dc4eb1d3a6584e
1eedb7889b92f67dae0b4f9b2238e6aea1d626885a38a99f366e87598efceb42

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/megamenu-additions.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 439
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/header-init-search.js

170.10.162.193

200 OK

282 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/header-init-search.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
282 B (282 bytes)
Hash
b095b23606becd20a7d1dd9a723e6738
2e2522d2b7e464b04af33ef944807f914ae5ab58
24009b05d923840a03a3c575d3fcfe0275806077b604fb358dcc84fd6569c2f2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/header-init-search.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 282
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/main-sb.css

170.10.162.193

200 OK

2.6 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/main-sb.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (8795)
Size
2.6 kB (2604 bytes)
Hash
e74dd61f7db91b026d599a1f3ef5ccf3
17a346ea5740c4a6002a4fe318861ad9e4259655
944741f222c00fde620ca5e8a884db580e7d16beb26fb89269ed7803a8cf0646

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/main-sb.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2604
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/schedule-redelivery.css

170.10.162.193

200 OK

4.4 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/schedule-redelivery.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (23038), with no line terminators
Size
4.4 kB (4407 bytes)
Hash
a39603607a65d5b6e36d3ced6299aca8
ce5043bde6551d7306e1b8f28c910efc0ec4135d
b75906645390d20e8540745e79e504721751f4dd0fee5a4112069fa6b8f589a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/schedule-redelivery.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4407
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/megamenu-v2.css

170.10.162.193

200 OK

6.6 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/megamenu-v2.css
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (44725), with no line terminators
Size
6.6 kB (6611 bytes)
Hash
cfce275cb2097acd32bce0cd4b431552
34d0a0fd9fbf6e93d378dd8a89546646fa77f206
ac3f33b6fb92249d57fd2f3f15babf191af2db6240c1cbc479bab97488795516

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/megamenu-v2.css HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6611
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/jquery-3.2.1.js

170.10.162.193

200 OK

30 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/jquery-3.2.1.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32058)
Size
30 kB (29485 bytes)
Hash
565a9660631a8e6a629374b776b4564e
1ef583810a3b446dbfb2e646c8dd04baada714fc
36b44867606f8e730433691461a559f64238444a406d1c3e078f9336c7314dbe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/jquery-3.2.1.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29485
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0

104.17.225.78

200 OK

0 B

URL GET HTTP/2
fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
IP
104.17.225.78:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE5:E1:E6:6C:CE:65:18:4B:8C:E6:92:5B:D4:5B:14:08:A1:B6:03:74
ValiditySun, 05 Jun 2022 00:00:00 GMT - Sun, 04 Jun 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 21 Apr 2023 18:40:16 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: T0ZH1hXNoB6jtguc1LneBuShAW+pnL1xXkATYgstf9s/Ek+CPWrz2AkHZOlSFb4Uzx1M4Yl24Z8=
x-amz-request-id: PR33JFF0ZQ6CYPJT
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 561053
accept-ranges: bytes
set-cookie: __cf_bm=TvopzQhAS3EjuKGfN6sRI4gTqDXQqUp74U718DDu3yE-1682102416-0-ASfs+L1YAqkAPs/Ogwse/o5LiLyukv5P8Qt1iu+8bocTof+yDcRMtKqMT3ji0y3VjIc2vGYZkYizewLFX+IUXLI=; path=/; expires=Fri, 21-Apr-23 19:10:16 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7bb7c1276a710afe-OSL
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/modernizr.js

170.10.162.193

200 OK

4.4 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/modernizr.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11084)
Size
4.4 kB (4358 bytes)
Hash
0eb0525f7fc858fb0842cbc277086fc4
6373df708c4ff2ab7343357d85e1deba946eb2d9
7c173c95dcb3c29ab3a3d48962fd3258ca12a85f71e3a6126708bcc56bac0fdb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/modernizr.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4358
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/require.js

170.10.162.193

200 OK

6.3 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/require.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (17192)
Size
6.3 kB (6287 bytes)
Hash
3f8642ff52ec9e6eafb77f54c66b637f
f2469643d6c6ca35f35e4c40666bc50df3589827
1cc3acfcbfba71fdc0fe846f858ba0448a6e22989ba9296957183cb36f8e45a2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/require.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6287
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/go-now.png

170.10.162.193

200 OK

20 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/go-now.png
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20334 bytes)
Hash
d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/go-now.png HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/png
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-length: 20334
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/go-now(3).png

170.10.162.193

200 OK

20 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/go-now(3).png
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19969 bytes)
Hash
6311ef7a60f86d77aa48fcc48a675a31
96bc8b2fe87b126ffbf0d7b7ad8419661cb6bd9c
70d715475fb0a4756fc65c50cbb2cf0ca15f7311efc6c54b18e045e6ab202251

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/go-now(3).png HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/png
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-length: 19969
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/go-now(4).png

170.10.162.193

200 OK

22 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/go-now(4).png
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22133 bytes)
Hash
22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/go-now(4).png HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/png
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-length: 22133
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/go-now(2).png

170.10.162.193

200 OK

27 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/go-now(2).png
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (26972 bytes)
Hash
b596424d2e958b51d7a68b46cadb6855
77eeeff212b8cd75a31beb954907e20bc5f8c831
daaeb825e97d878d0b5d5dfce37a2dd592ac0e1c5b887e24705835442d317365

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /2parceltr5acks8/verification/files/go-now(2).png HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: image/png
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-length: 26972
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/files/require-jquery.js

170.10.162.193

200 OK

74 B

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/require-jquery.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
74 B (74 bytes)
Hash
ea38e8196b75d9720bc3902d6d735130
165284464c58d7f213c1211f2c433873299e4527
cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/require-jquery.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-length: 74
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

qutana.co.ke/2parceltr5acks8/verification/files/helpers.js

170.10.162.193

200 OK

314 B

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/files/helpers.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (695), with no line terminators
Size
314 B (314 bytes)
Hash
e75cc68c4c27b12b76ae31cb2fe4eed8
94dcb708ef049e33c887b141a56450fde32e9962
1750f16e49b19c708e109d74fe019afffc546a4c6731a708e4f3d5396d960512

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/helpers.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 314
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

qutana.co.ke/2parceltr5acks8/verification/files/search-fe.js

170.10.162.193

200 OK

799 B

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/files/search-fe.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (2235), with no line terminators
Size
799 B (799 bytes)
Hash
ea0ee884dd317be7c69a2478a9883ca5
fa4cd2dd30c42992fed0c1d1d96f6cf1e9adae17
0037cd59a6f3211a5384c70bd7d75e380350cea5a60513ea80810cf9bf673f73

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/search-fe.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 799
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

qutana.co.ke/2parceltr5acks8/verification/files/resize-manager.js

170.10.162.193

200 OK

417 B

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/files/resize-manager.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1040), with no line terminators
Size
417 B (417 bytes)
Hash
06a6490f93fd2e90941576b9583722d7
6ac7043c93f45d6e392b14e83ad7dca79d8ab623
fa94534c931296f521d93e709d4bc0ad86a974337a18e899f5540b8fd97cefd8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/resize-manager.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 417
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

qutana.co.ke/2parceltr5acks8/verification/files/jquery-3.5.1.js

170.10.162.193

200 OK

30 kB

URL GET HTTP/2
qutana.co.ke/2parceltr5acks8/verification/files/jquery-3.5.1.js
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
30 kB (30274 bytes)
Hash
44dd37c6afbc20e65d5dc29b4b5f47ce
f8043353cd21e586427867d82e09b226be76b642
599856cc40612b446b921375fc1423953f8868c47d2968ea5f71d695cb8ea40c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/files/jquery-3.5.1.js HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 28 Apr 2023 18:40:16 GMT
content-type: application/javascript
last-modified: Tue, 30 Mar 2021 14:36:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30274
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

qutana.co.ke/global-elements/header/images/utility-header/mailman.svg

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/global-elements/header/images/utility-header/mailman.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/megamenu-v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

qutana.co.ke/global-elements/header/images/package-intercept.svg

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/global-elements/header/images/package-intercept.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/package-intercept.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/megamenu-v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

qutana.co.ke/global-elements/header/images/schedule-redelivery.svg

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/global-elements/header/images/schedule-redelivery.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/schedule-redelivery.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/megamenu-v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

qutana.co.ke/global-elements/header/images/icon-personalize-stamped-envelopes.svg

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/global-elements/header/images/icon-personalize-stamped-envelopes.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/icon-personalize-stamped-envelopes.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/megamenu-v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Fri, 21 Apr 2023 18:40:16 GMT
server: ECAcc (ska/F779)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Fri, 21 Apr 2023 18:40:16 GMT
server: ECAcc (ska/F7BB)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/location.svg

192.229.221.165

200 OK

1.2 kB

URL GET HTTP/2
www.usps.com/assets/images/home/location.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1209 bytes)
Hash
9d8433f178d5a7b839a8bf25552c62b0
c21cec68e524862992f4aa51bf6955b953a65112
d01cb5a23f9b7f4a0a3db27cfd3d90e3813e75ed498fdbabe4df3a859390bd4f

HTTP Headers

GET /assets/images/home/location.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 30674
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "a1a-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7F25)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1209
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/schedule_pickup.svg

192.229.221.165

200 OK

923 B

URL GET HTTP/2
www.usps.com/assets/images/home/schedule_pickup.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
923 B (923 bytes)
Hash
9f9e044f92360c82183e3a31b774e7b2
273798ee8d4dead89367b835cdb7f65f51e81b47
e4b7ae480aae11558a890826cde2cc6fa10039a787052dfc72cdad3e7a772373

HTTP Headers

GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 30194
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "6ef-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7F8F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 923
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/search.svg

192.229.221.165

200 OK

795 B

URL GET HTTP/2
www.usps.com/assets/images/home/search.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
ccfe748c6040d78e356b03d1a731585e
3e15bb471b3c3d0a5cebc3ccd137b5daf9273b7e
9a1b75fecaa2e0de127c36ddbb63c1bc2c44b3f81eed395734dee1ce837162fe

HTTP Headers

GET /assets/images/home/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 62396
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "5b9-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7F4B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/tracking.svg

192.229.221.165

200 OK

844 B

URL GET HTTP/2
www.usps.com/assets/images/home/tracking.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
844 B (844 bytes)
Hash
04034bbe69ef912819cee070ff866703
2c96d71004568c2b460a7f8b796ae45ad89999ec
959755a6f38fb278acd6abb223db552ecf757c291f437149663009aafb83a181

HTTP Headers

GET /assets/images/home/tracking.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 79261
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "619-5494e7f71e280+gzip"
last-modified: Fri, 24 Feb 2017 22:46:18 GMT
server: ECAcc (dcb/7E95)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 844
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/find_zip.svg

192.229.221.165

200 OK

793 B

URL GET HTTP/2
www.usps.com/assets/images/home/find_zip.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
793 B (793 bytes)
Hash
4b74917936300819402d564909e39a34
82c09f9b1fa78724d4843b28f12c52e8bb218f2a
d7178ea719cbe6f11c5da374dc26908b1ad0d05d34a33cd6e6d701f5e05c209b

HTTP Headers

GET /assets/images/home/find_zip.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 62395
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "5bf-5494e7ed94c00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:08 GMT
server: ECAcc (dcb/7ECC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 793
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/holdmail.svg

192.229.221.165

200 OK

768 B

URL GET HTTP/2
www.usps.com/assets/images/home/holdmail.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
768 B (768 bytes)
Hash
2f40bbb9da0d97f2ba3f3efcfd7533af
34c76f88cdda4be234b58a76e466bc7a972f14ea
f1d176e77951f74582e7e311d99f98f7ce582bdb30051987f257eb3393ee2069

HTTP Headers

GET /assets/images/home/holdmail.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 57253
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "5a8-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7EFC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 768
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/gifts.svg

192.229.221.165

200 OK

590 B

URL GET HTTP/2
www.usps.com/test/nav/images/gifts.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
590 B (590 bytes)
Hash
e97f9908f9eef2a76ea4f48e00196980
f32d5a4b791567c690ea7095d93bec78e422db40
ad60c73a39b0fcd4b311654aab6f3954edb03f37034ad5567cf9f69d63d905f4

HTTP Headers

GET /test/nav/images/gifts.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 62662
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "3ee-560f10e9b5900+gzip"
last-modified: Fri, 22 Dec 2017 17:22:12 GMT
server: ECAcc (dcb/7378)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 590
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/calculate_price.svg

192.229.221.165

200 OK

772 B

URL GET HTTP/2
www.usps.com/assets/images/home/calculate_price.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
772 B (772 bytes)
Hash
42af7d5484bf8f80ac930313caa5941f
c3dbaf338d7fa81845487333c0cba5b8341bd140
f8f9b52e8d7b815deba988cfcdc6596e9e7b6671075907290c8e96679b18fb2c

HTTP Headers

GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 48494
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/7EE9)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/collectors.svg

192.229.221.165

200 OK

561 B

URL GET HTTP/2
www.usps.com/test/nav/images/collectors.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
561 B (561 bytes)
Hash
8439e88bd2e43656b157f9c184635032
ddcb40776177a5eac36973e53f2f8bab73e65ea3
5ea3f924c3453a9b8a3f79251377f385f83c8cf9618129427795adf186b9338e

HTTP Headers

GET /test/nav/images/collectors.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 62601
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "461-560f10f803ac0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:27 GMT
server: ECAcc (dcb/7FEB)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 561
X-Firefox-Spdy: h2

tools.usps.com/global-elements/header/images/utility-header/mailman.svg

192.229.221.165

200 OK

904 B

URL GET HTTP/2
tools.usps.com/global-elements/header/images/utility-header/mailman.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
904 B (904 bytes)
Hash
e4bb1afb6143cb1307585f007399e0e4
7d28cd35cbdb8427d4a12274c3f455e57f4742e0
06410c31087cff92e7842a2e6aaef3b5b114192f77e2b652283250fdca6d5e30

HTTP Headers

GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
age: 80165
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "723-55885af730a40+gzip"
last-modified: Wed, 06 Sep 2017 13:54:41 GMT
nncoection: close
server: ECAcc (dcb/7311)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 904
X-Firefox-Spdy: h2

www.usps.com/global-elements/header/images/utility-header/search.svg

192.229.221.165

200 OK

795 B

URL GET HTTP/2
www.usps.com/global-elements/header/images/utility-header/search.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
78562ea313af96eca6581054fdbbc76c
b0f3fd320af131b3787b39c864ecac52de12a75e
7932a41ccc861366f60896fe808612a1361c85d654aef21c5d54f7673141c0a9

HTTP Headers

GET /global-elements/header/images/utility-header/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 62381
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "5b9-549b126599f40+gzip"
last-modified: Wed, 01 Mar 2017 20:28:05 GMT
server: ECAcc (dcb/7ECE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/change_address.svg

192.229.221.165

200 OK

935 B

URL GET HTTP/2
www.usps.com/assets/images/home/change_address.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
935 B (935 bytes)
Hash
6c6d11d6d4ad880538ac8b3c9b244e35
d2f5a684574f89a8bdac4ac35508dc29c61e9771
7d2bde4b550c48e86e4d1c6a106d195b5a259f74e2ceeab0772712d356ae7eb9

HTTP Headers

GET /assets/images/home/change_address.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 55214
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "74d-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/733A)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 935
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/utility_customer_service.png

192.229.221.165

200 OK

1.3 kB

URL GET HTTP/2
www.usps.com/assets/images/home/utility_customer_service.png
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1307 bytes)
Hash
3500d365cd94527c71fe9c70d5cda435
0c7bede628d74cefaf5fce1b675c0ce3c72c78c9
34b28a24c5414dab68a15be6613536d905faf33fbf1aed8ee4702caa60be9bca

HTTP Headers

GET /assets/images/home/utility_customer_service.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 62498
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "51b-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7EB6)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1307
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/shipping-supplies.svg

192.229.221.165

200 OK

1.3 kB

URL GET HTTP/2
www.usps.com/test/nav/images/shipping-supplies.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.3 kB (1282 bytes)
Hash
7a8b39b328ba3e776e643f66844896e8
7a400d0f33c592651da919c728a30e46207a9449
05140d52bba76b4464360b852c3b78227cc2865c4512bf0010ee666f0c985f99

HTTP Headers

GET /test/nav/images/shipping-supplies.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 62584
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "9f8-560f10eaa9b40+gzip"
last-modified: Fri, 22 Dec 2017 17:22:13 GMT
server: ECAcc (dcb/731F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1282
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/po_box.svg

192.229.221.165

200 OK

848 B

URL GET HTTP/2
www.usps.com/assets/images/home/po_box.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
848 B (848 bytes)
Hash
a1feed192f3aca7fd02c00b6ee45bb07
fce52b953f90a873186cd2c3ddb26dcca41884be
88dcd2a8a6b055bf63763c0a86338f33b09a257c89e26a5ae6a364becf1ac122

HTTP Headers

GET /assets/images/home/po_box.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 58208
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "667-5494e7f259740+gzip"
last-modified: Fri, 24 Feb 2017 22:46:13 GMT
server: ECAcc (dcb/7FD5)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 848
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/cards-and-envelopes.svg

192.229.221.165

200 OK

1.1 kB

URL GET HTTP/2
www.usps.com/test/nav/images/cards-and-envelopes.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1056 bytes)
Hash
5d63c3636efb2bbcb327ed13b714367b
c7e326811c101213173c2a585d1e9700731816ed
c63dd4b3239df8b0709202228ad62b9e06ec96c346d8f86f9e33a554973b795f

HTTP Headers

GET /test/nav/images/cards-and-envelopes.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 24866
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "8a9-560f10e8c16c0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:11 GMT
server: ECAcc (dcb/7F6F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1056
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/business.svg

192.229.221.165

200 OK

689 B

URL GET HTTP/2
www.usps.com/test/nav/images/business.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
689 B (689 bytes)
Hash
3b81ef43fc5b08bab4155c5fed116dc9
a5a804fb2f8f51b3e588d4edb01752eba0380f8d
a513b0f2fb200e9cf7b30ccfbde98f79e87a027c256d99f3159ad22dcb5cc4cb

HTTP Headers

GET /test/nav/images/business.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 63001
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "4d2-560f10e7cd480+gzip"
last-modified: Fri, 22 Dec 2017 17:22:10 GMT
server: ECAcc (dcb/7FBE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 689
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/utility_languages.png

192.229.221.165

200 OK

1.5 kB

URL GET HTTP/2
www.usps.com/assets/images/home/utility_languages.png
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1456 bytes)
Hash
410956805d5701e87299cff412827e1a
5de9a390649dfc12e3d6df431140d499ad8abd67
6e727dbf5b0f4a3ec76762e445ad2c5cb750f7de41afb8b0342f903124d09826

HTTP Headers

GET /assets/images/home/utility_languages.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 62829
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "5b0-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7E8E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1456
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/featured_clicknship.svg

192.229.221.165

200 OK

493 B

URL GET HTTP/2
www.usps.com/assets/images/home/featured_clicknship.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Size
493 B (493 bytes)
Hash
efb53558ef3932a80523af92bdda2085
1a97f57d64bc76f296423e1ddbdba9bc71b6d754
f0a25ce9d4e04e6b12bfc528584d599d5e472238849b0e1c66ff5357058d38fe

HTTP Headers

GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 63101
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:16 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dcb/7F6B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Fri, 21 Apr 2023 18:40:16 GMT
server: ECAcc (ska/F7B7)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/images/nav-red-chevron.svg

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/images/nav-red-chevron.svg
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/images/nav-red-chevron.svg HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

qutana.co.ke/global-elements/footer/images/footer-logo.png

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/global-elements/footer/images/footer-logo.png
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /global-elements/footer/images/footer-logo.png HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/footer-sb.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

qutana.co.ke/2parceltr5acks8/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2 HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

qutana.co.ke/2parceltr5acks8/verification/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2 HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

qutana.co.ke/2parceltr5acks8/verification/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2 HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:16 GMT
server: LiteSpeed

www.usps.com/assets/images/home/stamps.svg

192.229.221.165

200 OK

551 B

URL GET HTTP/2
www.usps.com/assets/images/home/stamps.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
551 B (551 bytes)
Hash
780aa534eb1541ac0834489beafdeea2
2593cddb6c1b7505016d3c1138e16ff556e42166
c2a1858fe0517c4c928dad150f22710f1771c1b43b92b79ceb0b20e44db61ee8

HTTP Headers

GET /assets/images/home/stamps.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 30728
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Fri, 21 Apr 2023 18:40:17 GMT
etag: "44f-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7EC4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 551
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Fri, 21 Apr 2023 18:40:17 GMT
server: ECAcc (ska/F6BE)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Fri, 21 Apr 2023 18:40:17 GMT
server: ECAcc (ska/F7A8)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Fri, 21 Apr 2023 18:40:17 GMT
server: ECAcc (ska/F6EC)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/global-elements/lib/script/require-jquery.js

192.229.221.165

200 OK

74 B

URL GET HTTP/2
www.usps.com/global-elements/lib/script/require-jquery.js
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
74 B (74 bytes)
Hash
ea38e8196b75d9720bc3902d6d735130
165284464c58d7f213c1211f2c433873299e4527
cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9

HTTP Headers

GET /global-elements/lib/script/require-jquery.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 48736
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Fri, 21 Apr 2023 18:40:17 GMT
etag: "4a-5057c23aa4c00"
last-modified: Wed, 15 Oct 2014 20:40:16 GMT
nncoection: close
server: ECAcc (dcb/7F20)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 74
X-Firefox-Spdy: h2

www.usps.com/global-elements/header/script/search-fe.js

192.229.221.165

200 OK

930 B

URL GET HTTP/2
www.usps.com/global-elements/header/script/search-fe.js
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2264), with no line terminators
Size
930 B (930 bytes)
Hash
044ed97a28abfb41b4962d4be4f1a9a2
376bd4af5ff97565cf9565904b615bffbea08690
19c16113aa7d624c43ffefd992d78b420fc3a195d99578684d0abf52fbabce71

HTTP Headers

GET /global-elements/header/script/search-fe.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 3754
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Fri, 21 Apr 2023 18:40:17 GMT
etag: "8d8-5d77081c47c40+gzip"
last-modified: Mon, 07 Feb 2022 16:58:17 GMT
server: ECAcc (dcb/7FD8)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 930
X-Firefox-Spdy: h2

www.usps.com/global-elements/lib/script/helpers.js

192.229.221.165

200 OK

358 B

URL GET HTTP/2
www.usps.com/global-elements/lib/script/helpers.js
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (695), with no line terminators
Size
358 B (358 bytes)
Hash
a94bd840611f82766bdd01435e0325d4
195b9eccc89fd504aaa416ecfc05b277e3b1862b
c9df217c213bc4a79f26f7996533f4e02e031f82d7f1b88ccdc0f39504573d46

HTTP Headers

GET /global-elements/lib/script/helpers.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 63175
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Fri, 21 Apr 2023 18:40:17 GMT
etag: "2b7-505dad4fe5380+gzip"
last-modified: Mon, 20 Oct 2014 13:38:38 GMT
server: ECAcc (dcb/7338)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 358
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:17 GMT
server: LiteSpeed

qutana.co.ke/2parceltr5acks8/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:17 GMT
server: LiteSpeed

qutana.co.ke/2parceltr5acks8/verification/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:17 GMT
server: LiteSpeed

www.usps.com/global-elements/footer/script/jquery-3.5.1.js

192.229.221.165

200 OK

31 kB

URL GET HTTP/2
www.usps.com/global-elements/footer/script/jquery-3.5.1.js
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
31 kB (30950 bytes)
Hash
2a0ef702291c837a85b6c7c2275fdac6
7937023d7bc07c2a6d1e29f316836995fbdbf997
921bf2826576dbc494161d3021ee21b0b844ed89f0b2b630e7d579b69ab1a9ba

HTTP Headers

GET /global-elements/footer/script/jquery-3.5.1.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 50061
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Fri, 21 Apr 2023 18:40:17 GMT
etag: "15d84-5affcd6633ac0+gzip"
last-modified: Wed, 23 Sep 2020 15:35:47 GMT
server: ECAcc (dcb/7F9B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 30950
X-Firefox-Spdy: h2

qutana.co.ke/2parceltr5acks8/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:17 GMT
server: LiteSpeed

qutana.co.ke/2parceltr5acks8/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:17 GMT
server: LiteSpeed

qutana.co.ke/2parceltr5acks8/verification/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/2parceltr5acks8/verification/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
fortinet	Phishing

HTTP Headers

GET /2parceltr5acks8/verification/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/files/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:17 GMT
server: LiteSpeed

www.usps.com/global-elements/lib/script/resize-manager.js

192.229.221.165

200 OK

468 B

URL GET HTTP/2
www.usps.com/global-elements/lib/script/resize-manager.js
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
FingerprintC0:DE:9E:E6:D2:8B:35:D5:66:DC:D9:02:91:7A:07:AE:57:5A:06:F7
ValidityThu, 20 Apr 2023 00:00:00 GMT - Mon, 20 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1040), with no line terminators
Size
468 B (468 bytes)
Hash
7dfda1d5c69fea0090eb0e1dd8f9cc69
731696ce554e4a61def2c1b2c42f593b2d663ec2
f59a56b127f6d56e1af875fde9db49dcd3fc70cd952445b3f0d259f4acc52a5e

HTTP Headers

GET /global-elements/lib/script/resize-manager.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qutana.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76599
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Fri, 21 Apr 2023 18:40:17 GMT
etag: "410-5057c23b98e40+gzip"
last-modified: Wed, 15 Oct 2014 20:40:17 GMT
server: ECAcc (dcb/7F54)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 468
X-Firefox-Spdy: h2

qutana.co.ke/favicon.ico

170.10.162.193

404 Not Found

1.2 kB

URL GET HTTP/3
qutana.co.ke/favicon.ico
IP
170.10.162.193:443
ASN
#32748 STEADFAST

Requested by
https://qutana.co.ke/2parceltr5acks8/verification/
Certificate
IssuercPanel, Inc.
Subjectqutana.co.ke
Fingerprint02:3E:76:86:D9:95:22:B2:25:19:E1:17:C0:AA:20:06:AD:61:04:6A
ValidityTue, 21 Feb 2023 00:00:00 GMT - Mon, 22 May 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: qutana.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: qutana.co.ke
Connection: keep-alive
Referer: https://qutana.co.ke/2parceltr5acks8/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 21 Apr 2023 18:40:17 GMT
server: LiteSpeed

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML