{"report_id":"2397a971-4bda-476b-b966-495c61228976","version":6,"status":"done","tags":["usps","logistics","phishing"],"date":"2023-12-05T09:29:16Z","url":{"schema":"http","addr":"usps.nackege.top/","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":0,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"usps.nackege.top/","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"title":"USPS - Linkfly"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T09:02:35Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"usps.nackege.top","ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":8,"request_count":9,"received_data":222941,"sent_data":4489,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fly.linkcdn.to","ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":291375,"first_seen":"2021-04-08 17:01:37","last_seen":"2023-12-04 09:01:05","alert_count":0,"request_count":10,"received_data":171640,"sent_data":4684,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2023-12-05 06:14:20","alert_count":0,"request_count":1,"received_data":13412,"sent_data":522,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2023-12-05 07:37:50","alert_count":0,"request_count":1,"received_data":26419,"sent_data":688,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-12-05T09:29:04Z","timestamp":1701768544,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":58470,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query to a *.top domain - Likely Hostile","source":"{\"timestamp\":\"2023-12-05T09:29:04.488933+0000\",\"flow_id\":2105603109451237,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.253\",\"src_port\":58470,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023883,\"rev\":4,\"signature\":\"ET DNS Query to a *.top domain - Likely Hostile\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2020_09_15\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":54753,\"rrname\":\"usps.nackege.top\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":87,\"bytes_toclient\":0,\"start\":\"2023-12-05T09:29:04.488933+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-05T09:29:06Z","timestamp":1701768546,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51244,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .to TLD","source":"{\"timestamp\":\"2023-12-05T09:29:06.145060+0000\",\"flow_id\":16689930581668,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.253\",\"src_port\":51244,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027757,\"rev\":5,\"signature\":\"ET DNS Query for .to TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":3231,\"rrname\":\"fly.linkcdn.to\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":85,\"bytes_toclient\":0,\"start\":\"2023-12-05T09:29:06.145060+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-05T09:29:06Z","timestamp":1701768546,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37542,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .to TLD","source":"{\"timestamp\":\"2023-12-05T09:29:06.145184+0000\",\"flow_id\":717362305316640,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.253\",\"src_port\":37542,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027757,\"rev\":5,\"signature\":\"ET DNS Query for .to TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":42755,\"rrname\":\"fly.linkcdn.to\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":85,\"bytes_toclient\":0,\"start\":\"2023-12-05T09:29:06.145184+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"usps.nackege.top/js/jquery.js","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9771cc3e90e18f5336eedbd0fffb2cf","sha1":"6ee8aaa3ac1f4e0ae18717a3fd26892e9f0e4cc5","sha256":"3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24","sha512":"c503341fa3a7176fd10bd8cd7a5717c8faf971f87fa0c158f2d94fcd484ae3ed5031f49414dae833fb806b7365b5699c21d2e655376f69adb052b22f6f6982a7","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GK7:sHNwcv9VBQpLl88SMBQ47GK7","tlshash":"8083f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87532,"data":"","first_seen":"2023-10-13T22:05:06Z","last_seen":"2026-05-19T09:01:59.152743Z","times_seen":25800,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usps.nackege.top/js/index.js","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5bf8520a7f2929206aebc2aa4f629f6","sha1":"e8316629a15cfba6b527a4303272189f4b7f36c7","sha256":"3418f8e97d3218b56896828363bc7bbeda296f378c16fa951f601a2308d85a04","sha512":"388f023f7286555f866d6d27803c4ce090da584e5c4c9732788fbb22ea77ce42b3fc09ed01145d37eb849405cd15a14f4f3f26cb6724de4db6e164143453bf54","ssdeep":"","tlshash":"d301f94bf92416313177b6b10bcb2140347b3195560195097f2c8f86af6ab1a57a26ed","size":746,"data":"","first_seen":"2023-10-29T15:40:16Z","last_seen":"2024-08-20T21:55:37.412499Z","times_seen":305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5435d100c7a54aa5cbd6567902ea8804","sha1":"5b29800806ecda0b664eaf082214c1d946aa98c9","sha256":"18dfb41a8fc1d24a1c4c23ce7c8746a54827a118eebeed081d2b3df95229a865","sha512":"30e5b205e0e5a477bf48ec9ee879e9748e76e13375cf9ca7fc7a56a3abcd71149063e622bdd4cc2fe7633a2e5ff87580a49f04b49024924a958a88b046b19c9c","ssdeep":"3:z5FtriI9Z10KoMLt5MBAU/FViRwJMZZMGUoCyXa8WmAjbwKKzCJDQw5sOkADFoCe:kevh5AhqWMnHRxK1AmmaGMK20ZxV","tlshash":"3dc1a98ab0400a3e006b5220038f10001a7f3c696c14a118f81cc182af6a31ac366e8a","size":3168,"data":"","first_seen":"2023-10-29T15:40:16Z","last_seen":"2024-08-20T21:55:37.428448Z","times_seen":292,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usps.nackege.top/js/us.js","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8cf2f0c87d77df405b998e91a4e9af53","sha1":"4bc3405889e128fd8a26209946572422804ff617","sha256":"e69aef269eb6cdb5316b8fa1f1c41850f604228f66155745de343b70020860bf","sha512":"7e16949d32dfb0d3e8d2e85ce19004eb2e62616fc876a25da889041b54d3b0fb890bb842e8d60079c7e7e975a4effb1b6c46468d4dd23bea7859aa162f8a77de","ssdeep":"","tlshash":"d33164f22a08b22323184d3c64f1f5b469f9e274fc521730599f1a4ea2f5e5cc4c7996","size":1629,"data":"","first_seen":"2023-10-29T15:40:16Z","last_seen":"2024-08-20T21:55:37.431998Z","times_seen":304,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"b37f897789b24904923ec9bc7b97f1a5","sha1":"e4ee0bc8135a45520599d824c1df1510591bb128","sha256":"96825af94983d2503841feff772c6ee06ab77ee1537d12dc4e7af682380f273f","sha512":"143a2a061132ac63e68b561396634c2e2fd54ae36489b304dde99512012b6da0275aea6a663d93382c0b706f812e71747b76e03458ab51015ac8bf8e8a7e0f96","ssdeep":"","tlshash":"406000003fc3000c0c03000000030000c030c030003c0000000003c330c300300c0330","size":12,"data":"","first_seen":"2023-03-26T04:25:39Z","last_seen":"2025-08-28T08:33:31.419678Z","times_seen":4461,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"429bb5675a958cf01732f235bb8c9fce","sha1":"a5883380b1bdc44ea51899e5ddde032f5d0ffc19","sha256":"53bbcb68824c78e304a99f449d13ad25d8be4b54315159cf9a65a10377a5f92a","sha512":"719de28ffe2a5651c59570cfd3eb7816af420d822eb424710fc015a6b5da0e1fcc42dbd42c8411977b24d75570f77451121605cde3aaa05139faefdb8ccb1958","ssdeep":"","tlshash":"ac8000f00a8a3222a20208000ce03080eac0f02ab2e8022888082c0c82be038e0c302a","size":34,"data":"","first_seen":"2023-10-29T15:40:17Z","last_seen":"2024-08-20T21:55:37.447569Z","times_seen":305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"259bb3631fd5e2afe4cded514a40802d","sha1":"189da0ebaea38665c6e7cdcc65d25d302f9d193b","sha256":"43cc234215cf62fdfb66740985cfe524bd2b0d7aee0c8f1d9c5e43f06eeb34b1","sha512":"73d15777d5c73d14a592edd0ecc00ec318fa6a06f373d05c0148ae6b56cf5c70c23228afdd651306f71da33138e6fd14204934df7706f455580629084986b176","ssdeep":"","tlshash":"c9c08c249a00626099100903e8c79248e3f441f4201ca14068fc128abbe08f4e84b0c4","size":144,"data":"","first_seen":"2023-10-29T15:40:16Z","last_seen":"2024-08-20T21:55:37.442292Z","times_seen":305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"8035a36cf92f7b19f35673e59014e897","sha1":"434320f6573b8a04de89cb3a315d25a25e3f5d61","sha256":"b9e2523f6cee3f0469b330fc306b51d2b0e490f53d54c0a8372b925837281587","sha512":"f941ec526516b2b1a98de1c9b25572be5f226bcbdbbccc74a4b01e686f4137708bf860cc3417e7517698be40a77508568a769a69b9252b7336cf0b33b3b067ed","ssdeep":"","tlshash":"689004d7730c54354374440407c5f000c3554101c074141173dc1fdd05cd51040f3351","size":46,"data":"","first_seen":"2023-10-29T15:40:16Z","last_seen":"2024-08-20T21:55:37.436568Z","times_seen":305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"68c100c5a29466712ecdb794573b4237","sha1":"c627158fcef9768b0382b124e80d5f9fe0143121","sha256":"816a02ef116af5aa87fc3390b580264619bfc76d23d7801c3e5c4c2fadbaac0c","sha512":"9c6ce4c14fe1dbce828b90def82c6542eae2d4768e6052c17d369a9a4bf0bfea9320845ff28f1c251b129d9b7c8208b1b5da8a5941b8004685ee2d7e42dff00d","ssdeep":"","tlshash":"559002051d04908f41506d488975f06c04d8b68bb030c91c55e4621822652898893d94","size":54,"data":"","first_seen":"2023-10-29T15:40:16Z","last_seen":"2024-08-20T21:55:37.440512Z","times_seen":2558,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"7ee18310d4166e151106bf9300e0b4e9","sha1":"d06928705a3e9787e2f16e68917dcc1208b57129","sha256":"bac843e7d9bec5e0f362a25275a73e88e812b17840b2946a62d9a1585d94dd11","sha512":"8c970c36ca1c837bbc6e36d297befd6a58c925dd19785e6d390385383ae4f3881c7692b15aa5860cf8fdf36c48e3f6df15aa56ae2154cf289035e8d0b738783a","ssdeep":"","tlshash":"c19002111d14918642006e588976e41c00a9b69ab030c81845f4611c52a52ca889a994","size":53,"data":"","first_seen":"2023-10-29T15:40:16Z","last_seen":"2024-08-20T21:55:37.434644Z","times_seen":2558,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"eaa9a621b1550906fd40a57071347d15","sha1":"d443c4c7abdf45b9b3b3866780f76bde1d9ede2e","sha256":"38fdb9178382ff9ed154f89ea0137e10e06693434f68ca0adcf4c462e94e462e","sha512":"07664be2e9828b6904a0547fd18aa44bea5f4eff7fee61cafab8c1a5a5bb87076cc9403641b16621a1b0db3e52ba72e32eabf425abc8c50bec9060755e96efcf","ssdeep":"","tlshash":"12400003000000030000000c000033000000000c00000c000000000000000000000000","size":7,"data":"","first_seen":"2023-03-12T06:04:37Z","last_seen":"2026-02-19T10:05:29.153154Z","times_seen":5143,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T09:11:22.023028Z","times_seen":15432103,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"37b3657d3259bc81564772add580c945","sha1":"5271fa5b371475941842670fea62e63e1790c863","sha256":"a0d7862cd0d69b1081bdd724858d43e8cf5d59ff046aa7866a93cbf361c00644","sha512":"8ef328b50b89481973b7931f6eb7f9c138a6ca67f70200fc653f596971b3f329f8993310c0dd511358d8b78502f3561db3f41682ee9acc207bd7b1700f42ac1e","ssdeep":"","tlshash":"8950000000000030000000000030300c0000c30000000000c000000000c0000fc00000","size":8,"data":"","first_seen":"2023-03-07T01:17:21Z","last_seen":"2026-05-18T22:28:17.071335Z","times_seen":5667,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"fe364450e1391215f596d043488f989f","sha1":"d1848aa7b5cfd853609db178070771ad67d351e9","sha256":"c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e","sha512":"2b11cd287b8fae7a046f160bee092e22c6db19d38b17888aed6f98f5c3e936a46766fb1e947ecc0cc5964548474b7866eb60a71587a04f1af8f816df8afa221e","ssdeep":"","tlshash":"54600088282020000000228008802020000203e02002020020c020202aa02280800200","size":15,"data":"","first_seen":"2023-03-07T01:02:47Z","last_seen":"2026-05-19T09:15:35.361263Z","times_seen":78744,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"91bfce5ec96651cd96c14257e20d4ebc","sha1":"e77a120b99e32820068bda104661b664af06f717","sha256":"df833ecaeb56a04387b8288d6c0da85c89184630137689152d4b9d71c8c7dd42","sha512":"ae26f0be3288e5a0ebccb586273e21478f0f04662b5a03abdf75aa7b3b429d7d14f10632cddc915e96581b8095e8f5bc707cf9c58bc2c9473a55f27ad0f0242d","ssdeep":"","tlshash":"1ab012b10504a44b1b00838d554f2018c00380048f35ae00f087005950748d108210e4","size":90,"data":"","first_seen":"2023-10-29T15:40:17Z","last_seen":"2024-08-20T21:55:37.446995Z","times_seen":305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"11916186aea18b33888cb2dd5bcde641","sha1":"b12cd522a74753b1273d122b93711a961010fb24","sha256":"1a410e7551ebc18feef8828723f6bbebbf9b7c170665eece167e5c35ce5f4ffa","sha512":"1e879d5fe1d70f9387095e67a6dda48b7c2aed4a915585d274ba5510205b48e34d100568d1b16b1e4cf5d477e87fb33e298a060ad224349e33f188ede3917cc2","ssdeep":"","tlshash":"30a002b1280611176351cb7494eef1198e814912e01d9c90e46432ec19ddb4ce4f3ba0","size":71,"data":"","first_seen":"2023-03-07T13:10:50Z","last_seen":"2025-12-28T21:56:17.349975Z","times_seen":2580,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c81c59a5ed660e9abd3ff31b10c481e7","sha1":"4a908baba6f1e2165db9fcee0d4fe0fb2698c33e","sha256":"d3cbf4f546be0b03b0188d50f0f944a62795c3f57d425c7e1e49d0ee64fa4c96","sha512":"e8dd324bf9e0f82b152f0c03eaa7df9b46f6631f869adebea1953bde4974fa2c7f761d0c70c985e8ca945efd4100e4c6c1a6f6526293b0d7a283d26a4ca1741d","ssdeep":"","tlshash":"6f900257925485940165400411c6b000c118820284251810639d1eca048762481a7116","size":51,"data":"","first_seen":"2023-10-29T15:40:17Z","last_seen":"2024-08-20T21:55:37.444345Z","times_seen":305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c4b79ef0f0700a9483b2ec0991dcd607","sha1":"9865ff58109d614b29d5b1567b132c0cc7976f71","sha256":"79a2a654c5517f446b2797290574f869142a0854e2888ffec2e0e7d188a6d131","sha512":"95e7f89cfa0d06703849d0d57dcdb7d4150ca3215e7f1c89d1e244e9c7ad03e1a9aa726ebe62ce494a44f604815b7790de02c2fbdbe89a9d79db090d44ea9538","ssdeep":"","tlshash":"6f80044041401c41440141104050c51175070541414744173735d451f50351007530c7","size":33,"data":"","first_seen":"2023-03-26T04:25:39Z","last_seen":"2025-08-28T08:33:31.406421Z","times_seen":4433,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"33b81a8117997fd4f8abc19c951a2a76","sha1":"740e193f50a83b26f84109ca7fa351c69896730e","sha256":"d61d0fc6f52b3294c8c42bf207cde6c521e22ba75a7b022301649c354bb00901","sha512":"dd22afae5cb627f1ce3a545edf4ccb9dacaaedbf868b42f2ed808c17d04e39b6496c4ef15a71ec8ba4c7f953c5416492d91a6d5eee9a28022ef86e8a7100445d","ssdeep":"","tlshash":"cd5000000000000000300000000300c0000000000000300000000000c000000c0030cc","size":8,"data":"","first_seen":"2023-03-12T06:04:37Z","last_seen":"2026-02-19T10:05:26.379977Z","times_seen":5147,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"96e515235a5edfc76d87e131dc145657","sha1":"607b0c9680e3f9ebfece1344e2bf43ef83c130aa","sha256":"4e04c63292209990af9c57c8af0877c7ad7c1ea448034bf2cd90a9bb51532d16","sha512":"f10600b51c47b62f9a4f8a4e33f02a43ea29eed0f692232f82f0f411bbce20a4e54160f7f1898d39219a3d40cae42c73465ec4e67f4cceb5a56eca4849e84efe","ssdeep":"1536:KQIjJjFO/dw5dQIjJjFO/dw5dQIjJjFO/dw5Slv/Ac:KQIjJjF7dQIjJjF7dQIjJjF7Slv/Ac","tlshash":"328384bb2d930084a70395e563ef1b1833349183ed46cca5bb8d129dcfd5ea864d379a","size":84624,"data":"","first_seen":"2023-10-29T15:40:16Z","last_seen":"2024-08-20T21:55:37.441092Z","times_seen":293,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"166248a6129a1e4370d20adc2d4c23f3","sha1":"0fe0bb445f51fad57f3fc4115d7c66cf18545107","sha256":"b7d082ee12e91b756ea22e8513b8594eebcf5d39fab813da3cb55794dc888ad7","sha512":"ec7f23faf755a87ffa0e75a4cb03a07f23768e9691d7965d0fc060797aabdeaba450df5c416656b1fe6f68ec9360a43e4d3190b7059a82a77acf5b54012a4c11","ssdeep":"","tlshash":"5e4000c000000000000000000cc00000000000000000000000c0003000000000c00000","size":6,"data":"","first_seen":"2023-03-07T12:56:09Z","last_seen":"2026-05-19T04:32:22.414389Z","times_seen":105189,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"71a533136edbdb7184c7aec74d7b6479","sha1":"11a5b3eb73cd1c37a3c878830fa80a2b9aad1367","sha256":"486d2882e02fef24ad1793af4070e2f66749c138381589a4fcc7c6050e3a9955","sha512":"42bfdf8beb7ea026fbb2b0e12907fb62d7bd26f8a5235a3e61856e2901ca43e4cc5cd6202d2d811091a1eb6a984664df6de4c29d26c954d6d56fce9ef624f3db","ssdeep":"","tlshash":"79a00295981031abb2525b7332d5a006ca556a5091441421d11868ce5cb3e4496ebe35","size":66,"data":"","first_seen":"2023-03-08T01:37:10Z","last_seen":"2025-10-20T15:20:59.134901Z","times_seen":307,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"67e5b0dea998f7582e9448ebc9a6e299","sha1":"619c292d9395d712ddd2276368b5465803ac566a","sha256":"055b43c203c5b216a8d33ef8964d560fcf3bb8354397be2c60e62088190feafd","sha512":"8c976c5120eff8acc29ad0d7a7e312261131fcb3777fbff4e33cb833e7fc724355916cfc66a07b09c0f636f78eea5971d836861e40988438f14f6ff534ceda2d","ssdeep":"","tlshash":"a7a022028200380028008808a880f800082080208000828a80c8c0880c822e000c3332","size":60,"data":"","first_seen":"2023-03-08T01:37:09Z","last_seen":"2026-03-29T14:18:08.69671Z","times_seen":2704,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a2d83c40258a65f84e5c878e7ffce8e1","sha1":"9dfe4af5bd0af5b34da5dab748b223d2451f1a12","sha256":"811fffe35722aa73b5913b9882019d6e39218a87590cda8c6c2c2f9e41cad8ab","sha512":"b9dc6998001daac4771952c33d4fd102624b11fa6e8a00813e5a56d3ba49d43fc6879492a1c77ca366ce04decfbeb65bc98eeb6167e8fa5f975d62b8c6a3db67","ssdeep":"","tlshash":"ff50000000000000000030c0000000000030000000030c000300000000000030000000","size":8,"data":"","first_seen":"2023-03-12T06:04:37Z","last_seen":"2026-02-19T10:05:29.300468Z","times_seen":5149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"308065b5078a49f986fc3c9f9b66e5d3","sha1":"be1628c3c7d88ddfb243f216545e780b98cc4386","sha256":"fdfe0993e6e9e9917554bb95b1137af5870146fd38da5f13bea1b530ac05b296","sha512":"7c55327b79cd297b8b6984212dedc5066f88a06d4ab528bd982ea2fdb6f55468c6cd77fc9b27ab12346123b6c84aa573a8719eb4e3435bd01847fe20790a3f1c","ssdeep":"","tlshash":"214000c03000000000000c000cc00300000000000000000000c00030000030c0c00000","size":7,"data":"","first_seen":"2023-03-07T12:56:09Z","last_seen":"2026-05-19T05:52:17.843297Z","times_seen":105503,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c4421c62b43d2fbc6ab3da6b2381b416","sha1":"863e0d947773921d4ba7ff6fd451b816ef36fd2b","sha256":"9132f1246a11ec5577a7d90e5e3c91fd5a7e42b8f45b91e1f254cc9dd8b869a1","sha512":"6e03ad24949d47965a8d15b11dc5d1136e42b8e6b4c783d8d2ee827099a982c1fca8825212ce5fbaf6a74b3fe47ed98c5eb3d797165510b87e033d068f5d77d0","ssdeep":"","tlshash":"02b012c290414c1c0190c125686070080a9a59745f6708811cc9954d4cc9f4445a649c","size":90,"data":"","first_seen":"2023-10-29T15:40:16Z","last_seen":"2024-08-20T21:55:37.435866Z","times_seen":2558,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"185c6b1c6849511279f6111366e4ccdf","sha1":"22a4cb771ab38ecdf89f6232477e7327d180d0fd","sha256":"c33cf605155541f887e89d5a5f195825545879e93d7852ec651c0fe7ddd84ea1","sha512":"beb5ab09c5eea6511add137e67ab0bb0f4f336bc8dd9e22f73a414f08f3c110001d9dade35cfe0625224da33514b267a07f7204dae9c6f419a6d43d00760e19b","ssdeep":"","tlshash":"8990044c1447c10f5444044040054c5404c10301c3130cdd577433f7d75d14744f551c","size":46,"data":"","first_seen":"2023-10-29T15:40:16Z","last_seen":"2024-08-20T21:55:37.43279Z","times_seen":2558,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"6dc161b49664a14aa5738ff8087329d0","sha1":"1f3c269799b14bd847851caeb3c3f8491e2268a6","sha256":"a5199731fd1e07bea00806a948d7f986a698d4d16b0caff0e6cfd22f017e986a","sha512":"10293c8442f33fad7f64747007da795626a34a00136d872d37c0a79f5370e403e4f086320cf27890417476f0314689905ac7f83fae8152bea29d7f24b8f710d2","ssdeep":"","tlshash":"97900262535944941166484400d5b004c6196016d07014119add4edd08db96492e7177","size":55,"data":"","first_seen":"2023-10-29T15:40:17Z","last_seen":"2024-08-20T21:55:37.443711Z","times_seen":305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"5e52aa1b6dd2fef7645614bf98cddb32","sha1":"d0e42d6401153ebd0f1d363efacbeca8bc8e3d77","sha256":"03d383afe1efafc36039448b2e3af26098cd07b7308fb2f40395f857d5bb0343","sha512":"abcf5757c8a02482c2d01ffd4dcd9cd67a224c6b1d9aa2846543a8bab9a4c3a442722b6f8bda63d10c61aaa670fd29345cbafdb051e9e5c309331118052bd948","ssdeep":"","tlshash":"80400000000000000030000000000000000003000000c00000000000c000000c0030c0","size":7,"data":"","first_seen":"2023-03-12T06:04:38Z","last_seen":"2026-02-19T10:05:32.903947Z","times_seen":5145,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"cf9da7033f426d448394a2b43135208c","sha1":"a6f0fb555d1566f4037534df8e2699340b94dc42","sha256":"ca2c082d67c735d568dcd99c68245ff20c3437b2cc7a106ed8b46067a06136f2","sha512":"ebf99ff7312cd9cea74a2fcc775321af9d98b6b8f0de187237a7f542644cf8500b2aa87f5ff9f32299c7976501634c81041bf856e2c2853d672d9d2faf7cdc16","ssdeep":"","tlshash":"f750000000c330c00003000000c30000c003c030000c00000000000330c300000c0300","size":11,"data":"","first_seen":"2023-03-26T04:25:39Z","last_seen":"2025-08-28T08:33:31.408791Z","times_seen":4461,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"usps.nackege.top/js/index.js","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:05.459Z","timestamp":1701768545459,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usps.uipackege.top","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Dec 2023 10:06:05 GMT","end":"Thu, 29 Feb 2024 10:06:04 GMT"},"fingerprint":{"sha1":"6C:A7:A6:34:BA:08:AA:6E:26:7A:83:3C:EA:65:8A:CD:FB:E8:E6:64","sha256":"BC:72:44:48:E1:68:07:34:5D:43:15:7B:70:1D:DD:61:E2:D2:48:F6:DB:FA:BD:B6:78:C9:E3:91:43:69:5B:50"}}},"request":{"raw":"GET /js/index.js HTTP/1.1\r\nHost: usps.nackege.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nCookie: PHPSESSID=jliprngmv91bh1muefqe2vigrl\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 Dec 2023 09:28:59 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 746\r\nlast-modified: Sat, 28 Oct 2023 21:44:36 GMT\r\netag: \"653d80c4-2ea\"\r\nexpires: Tue, 05 Dec 2023 21:28:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":746,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"d5bf8520a7f2929206aebc2aa4f629f6","sha1":"e8316629a15cfba6b527a4303272189f4b7f36c7","sha256":"3418f8e97d3218b56896828363bc7bbeda296f378c16fa951f601a2308d85a04","sha512":"388f023f7286555f866d6d27803c4ce090da584e5c4c9732788fbb22ea77ce42b3fc09ed01145d37eb849405cd15a14f4f3f26cb6724de4db6e164143453bf54","ssdeep":"","tlshash":"d301f94bf92416313177b6b10bcb2140347b3195560195097f2c8f86af6ab1a57a26ed","first_seen":"2023-10-29T15:40:16Z","last_seen":"2024-08-20T21:55:37.412499Z","times_seen":305,"resource_available":true,"data":null}},"time_used":657,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":492,"receive":165,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"usps.nackege.top/loading.jpg","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:05.451Z","timestamp":1701768545451,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usps.uipackege.top","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Dec 2023 10:06:05 GMT","end":"Thu, 29 Feb 2024 10:06:04 GMT"},"fingerprint":{"sha1":"6C:A7:A6:34:BA:08:AA:6E:26:7A:83:3C:EA:65:8A:CD:FB:E8:E6:64","sha256":"BC:72:44:48:E1:68:07:34:5D:43:15:7B:70:1D:DD:61:E2:D2:48:F6:DB:FA:BD:B6:78:C9:E3:91:43:69:5B:50"}}},"request":{"raw":"GET /loading.jpg HTTP/1.1\r\nHost: usps.nackege.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nCookie: PHPSESSID=jliprngmv91bh1muefqe2vigrl\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 Dec 2023 09:28:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81572\r\nlast-modified: Wed, 21 Sep 2022 07:47:06 GMT\r\netag: \"632ac17a-13ea4\"\r\nexpires: Thu, 04 Jan 2024 09:28:59 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":81572,"size_decoded":0,"mime_type":"image/jpeg","magic":"GIF image data, version 89a, 630 x 637\\012- data","md5":"9e0373c2b4410c49439dfd822c5fd16e","sha1":"427f86c03751b7e107fd282bbe32be18fc2e0898","sha256":"05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668","sha512":"01c9fe5db1bc9caf67cf011bbe8c49de92f91969a576732039443ebbdef56f601fe5c4b5153459e65c0b9ada0045061347b66d05105ced3a4cd04bb14c6a7fa6","ssdeep":"1536:XuCQRdUM8w28aV8qKc4AeSKhDxxdQ8jorRjF8SX8Bx8c:DSP878W8qKcnrKhFLO8U8/8c","tlshash":"b983d1ba7129cb33cd7aeebf0352c6b4d0cc60e63461e52eae4d1755cca0016e5e59b8","first_seen":"2023-04-08T19:56:48Z","last_seen":"2026-05-17T21:02:18.377932Z","times_seen":7805,"resource_available":false,"data":null}},"time_used":670,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":331,"receive":339,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"usps.nackege.top/js/jquery.js","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:05.455Z","timestamp":1701768545455,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usps.uipackege.top","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Dec 2023 10:06:05 GMT","end":"Thu, 29 Feb 2024 10:06:04 GMT"},"fingerprint":{"sha1":"6C:A7:A6:34:BA:08:AA:6E:26:7A:83:3C:EA:65:8A:CD:FB:E8:E6:64","sha256":"BC:72:44:48:E1:68:07:34:5D:43:15:7B:70:1D:DD:61:E2:D2:48:F6:DB:FA:BD:B6:78:C9:E3:91:43:69:5B:50"}}},"request":{"raw":"GET /js/jquery.js HTTP/1.1\r\nHost: usps.nackege.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nCookie: PHPSESSID=jliprngmv91bh1muefqe2vigrl\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 Dec 2023 09:28:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 28 Oct 2023 21:30:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"653d7d5a-155ec\"\r\nexpires: Tue, 05 Dec 2023 21:28:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34241,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65447)","md5":"c9771cc3e90e18f5336eedbd0fffb2cf","sha1":"6ee8aaa3ac1f4e0ae18717a3fd26892e9f0e4cc5","sha256":"3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24","sha512":"c503341fa3a7176fd10bd8cd7a5717c8faf971f87fa0c158f2d94fcd484ae3ed5031f49414dae833fb806b7365b5699c21d2e655376f69adb052b22f6f6982a7","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GK7:sHNwcv9VBQpLl88SMBQ47GK7","tlshash":"8083f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-10-13T22:05:06Z","last_seen":"2026-05-19T09:01:59.152743Z","times_seen":25800,"resource_available":true,"data":null}},"time_used":495,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":495,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fly.linkcdn.to/images/blank.png","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.194Z","timestamp":1701768547194,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Nov 2023 02:33:59 GMT","end":"Tue, 06 Feb 2024 02:33:58 GMT"},"fingerprint":{"sha1":"3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15","sha256":"88:F9:D6:D6:C2:D4:A4:0D:D4:B0:96:4B:69:72:D8:D3:5E:36:C8:9E:AE:D0:2F:E3:68:36:1E:C2:D2:EF:10:F5"}}},"request":{"raw":"GET /images/blank.png HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 14543\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\nlast-modified: Mon, 25 Jan 2021 08:23:50 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\netag: \"7bd3f643b47e3cf4fa880988f4cf47a1\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: NNXGYZuoffWTLLLNEHGk6PHpgk8p3-oOFvStOATWCzy9KObnmXWYHQ==\r\nage: 48\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=jW1qkl9WGKxmHGbQgWZF9s%2Fy1MoqxP6mcz5IHlEfdBRnaCiWxIBx%2Fii6kIfVuAQM5%2FBp2E%2BtNlm3YQajGEyTCT4eKSgeoBNZdBXb9TgOW%2Bjo2tZESAXRw%2BDKkoR2NwvhHA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 830b43278c55b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14543,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7bd3f643b47e3cf4fa880988f4cf47a1","sha1":"1d621101263e509fd7fb8106a9121bb22d5049d5","sha256":"087f602507c9fcadc519196919f1a5b223cf9f2c0b7e3316906301fe6766e7d0","sha512":"503b3055a47c7870801b0385b140998d3de53ff8a192e5c28f1ad6caf65afa0a64fbf6ce10b1573bd73c6c9362e93dcb6f1166c7b23fc539cd26b0fe5230bdc3","ssdeep":"48:V/6fM+k29W8sEvrxN+Y9ZTon9BCpwXsc5b77Ms:VShkEWRKxNXZT2sUsc5TMs","tlshash":"98621e60bcb27864a15ed5325dc92049ac730a47dec19c46facc5c5a2f10be92c1f683","first_seen":"2023-06-19T15:00:50Z","last_seen":"2024-09-20T20:12:10.225061Z","times_seen":1214,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fly.linkcdn.to/statics/icons/fonts/lfshare.woff2?t=1651902680359","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.234Z","timestamp":1701768547234,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Nov 2023 02:33:59 GMT","end":"Tue, 06 Feb 2024 02:33:58 GMT"},"fingerprint":{"sha1":"3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15","sha256":"88:F9:D6:D6:C2:D4:A4:0D:D4:B0:96:4B:69:72:D8:D3:5E:36:C8:9E:AE:D0:2F:E3:68:36:1E:C2:D2:EF:10:F5"}}},"request":{"raw":"GET /statics/icons/fonts/lfshare.woff2?t=1651902680359 HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usps.nackege.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: binary/octet-stream\r\ncontent-length: 64888\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\nlast-modified: Wed, 13 Jul 2022 06:18:47 GMT\r\netag: \"50ef5cc42ac97682740cd733e8a4686c\"\r\nx-amz-server-side-encryption: AES256\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: v7Xiy8XuhDEmAFSEpXp-bGWGryMenMd3wUeqG130KTk2_VG0XDi8hg==\r\ncache-control: max-age=16070400\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=ChcvdocKi8duBxM0Tlci3N%2FWEONP2CM75DvJKPBpMU2lJy1EEQHpEgO4hndYlTIfCUPdmVGwHYWbf5GJZ0MFWoQ4tgHoKAikRvAGEZMmxbzYHqlWZUHyWVUwsElyJpCb%2FA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 830b4327dc9db509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64888,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 64888, version 1.0\\012- data","md5":"50ef5cc42ac97682740cd733e8a4686c","sha1":"6a424aa6327bd2e7b38015f30534e860af5a0719","sha256":"eaf7d08ea972ba51c5234fae1b6931acea32f593c1f61dfecae8fcfe4259f0e5","sha512":"4d6eb5375c07c01dc3bab516264bec59b0e9fb510eb49520a66639128342ce710c54c3cd8da276f11fb780c4eeea8b2dca4386bc468e77c6206ecc899438f249","ssdeep":"1536:dUZRZWZ98jWDZstQ/dbj6kW0AGxKrzFLp8te5Dta7sDtFLB9e9x0p:dUZW8jWDf/dbj6kWoK3FFgeO7sDtFLOE","tlshash":"7f5302bfc4038a6be275d836bc4adb84a97e75592db7246ce084306977077b0271077d","first_seen":"2023-05-15T16:42:27Z","last_seen":"2024-08-21T09:29:09.468227Z","times_seen":485,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":52,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usps.nackege.top/logo_mobile.svg","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.186Z","timestamp":1701768547186,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usps.uipackege.top","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Dec 2023 10:06:05 GMT","end":"Thu, 29 Feb 2024 10:06:04 GMT"},"fingerprint":{"sha1":"6C:A7:A6:34:BA:08:AA:6E:26:7A:83:3C:EA:65:8A:CD:FB:E8:E6:64","sha256":"BC:72:44:48:E1:68:07:34:5D:43:15:7B:70:1D:DD:61:E2:D2:48:F6:DB:FA:BD:B6:78:C9:E3:91:43:69:5B:50"}}},"request":{"raw":"GET /logo_mobile.svg HTTP/1.1\r\nHost: usps.nackege.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nCookie: PHPSESSID=jliprngmv91bh1muefqe2vigrl\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2060\r\nlast-modified: Wed, 27 Sep 2023 13:10:46 GMT\r\netag: \"651429d6-80c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2060,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- XML 1.0 document text\\012- XML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with CRLF line terminators","md5":"f8ad388b3e39b860c97de0029ae98a21","sha1":"9b032ef4ef4100dda1ba44be4836e6956b11387c","sha256":"9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2","sha512":"046772635e6ea587aaa4b4def7db1dcdd02219633e57763fcabeca6c999442981d5311434fb82f97afc63b0869e2086958ab139ea8e1a5c7bf115fee4c1d1900","ssdeep":"","tlshash":"a741ec0b530cdbae665551a6d97800c9616afda7e470e0c0b3bf1837e18d4e4a6dc6a8","first_seen":"2023-04-08T20:42:42Z","last_seen":"2026-05-18T12:53:33.457498Z","times_seen":8365,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fly.linkcdn.to/images/verified_sprite.png","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.555Z","timestamp":1701768547555,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Nov 2023 02:33:59 GMT","end":"Tue, 06 Feb 2024 02:33:58 GMT"},"fingerprint":{"sha1":"3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15","sha256":"88:F9:D6:D6:C2:D4:A4:0D:D4:B0:96:4B:69:72:D8:D3:5E:36:C8:9E:AE:D0:2F:E3:68:36:1E:C2:D2:EF:10:F5"}}},"request":{"raw":"GET /images/verified_sprite.png HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 3460\r\nlast-modified: Tue, 19 Sep 2023 08:47:05 GMT\r\nx-amz-server-side-encryption: AES256\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: \"8302f6a83bd1aec82c83d2830f210470\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: 4OvXrqjl7tqrFznwdythh8UOIHCYeJHbXDlhKbClrEqzXIb-tNZiCQ==\r\nage: 6960\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=vHQRvVNAsuRnDCOmohkYtpIL8tU6tWue2eTPT0updjou4m5kR3byQSbR6z85R492zZu6TxyrDdks3nQpGPjGE5o4%2FOeKwFGyeMmXBgt0JoPYBbAhWbtzJNsKXuc0tG40vw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 830b4329cf29b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3460,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 284 x 72, 8-bit colormap, non-interlaced\\012- data","md5":"8302f6a83bd1aec82c83d2830f210470","sha1":"4399125de0cb0d08ca50698a07756105ce10347a","sha256":"4d11f37fae309c522c4c45d9f75cb48f0651a09a9d278cddbd19a1a8e31aa9a3","sha512":"bad9bd32d2449b003386b1e2077639b2b8875c6643e8ca24381eeb5f0dc49d80b572a3fc7a1a81e960ea5584ae4a7ff38f516e778571a93d0c71490abeb574d0","ssdeep":"","tlshash":"ed614c5b754a66368e5ce22c196270d37c11bd6b047830993655b13d4e32108e37f5ba","first_seen":"2023-09-22T02:47:41Z","last_seen":"2025-09-25T14:17:24.319897Z","times_seen":5798,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fly.linkcdn.to/statics/links/icons-socials/spirit/1.png","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.558Z","timestamp":1701768547558,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Nov 2023 02:33:59 GMT","end":"Tue, 06 Feb 2024 02:33:58 GMT"},"fingerprint":{"sha1":"3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15","sha256":"88:F9:D6:D6:C2:D4:A4:0D:D4:B0:96:4B:69:72:D8:D3:5E:36:C8:9E:AE:D0:2F:E3:68:36:1E:C2:D2:EF:10:F5"}}},"request":{"raw":"GET /statics/links/icons-socials/spirit/1.png HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 4949\r\nlast-modified: Thu, 10 Sep 2020 13:28:40 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: \"8139cee41cfe4201b9021936e39de717\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: N1YGibC-8106BSBr-XmT-enlI4ORSl-rKdqd6rrEAEW8CTgOLFRlsw==\r\nage: 2247\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Ft6Vh%2BRSyWNssnHI60wiwZXsMT1a%2BOjF14%2F8MsRwvfYP%2BVGzh1GVUUQiRkggqpVWO9IEjxztn1pnEM8Zl7b1DLwyY07MCiiwNCEhnx0CJFnDd24eXbSrunq80OM52ITcHw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 830b4329cf2fb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4949,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced\\012- data","md5":"8139cee41cfe4201b9021936e39de717","sha1":"854f63367081a91a9ac08d16684d6d4f0fbf8075","sha256":"fc8abacb97d2e71cafbfdd4705d6f914e189d7825edff03d7a95acaca7f98ef1","sha512":"639a283fe5cf4025b8626c633a5f5d6cbe07693a570b7700f225bb969ec91563633a57831db9e218d57c2fbfe561a8ecf39a57ae9bad58911a0d0e19b31442dc","ssdeep":"96:dLhwT63ccX0Uu3IdaBem8OuacfLwbf0bS1OI4EWug3IKK2SVtYF0rVH1js:BhwTr13IYBAOuRUbfOb3IKyiQ3w","tlshash":"f2a17dc91e5d9fbfe18f84109d625b83d2b55c400168b1ed9a5bd2661cdf94c3dd820f","first_seen":"2023-10-27T04:33:42Z","last_seen":"2026-01-09T10:39:51.905788Z","times_seen":5727,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fly.linkcdn.to/statics/links/icons-socials/spirit/3.png","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.561Z","timestamp":1701768547561,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Nov 2023 02:33:59 GMT","end":"Tue, 06 Feb 2024 02:33:58 GMT"},"fingerprint":{"sha1":"3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15","sha256":"88:F9:D6:D6:C2:D4:A4:0D:D4:B0:96:4B:69:72:D8:D3:5E:36:C8:9E:AE:D0:2F:E3:68:36:1E:C2:D2:EF:10:F5"}}},"request":{"raw":"GET /statics/links/icons-socials/spirit/3.png HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 7538\r\nlast-modified: Thu, 10 Sep 2020 13:28:40 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: \"229b5dca08997b920118bf7231011cf2\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: OmvpO08al4PeI-rxW3P8p0AiLedubnymfR_dACH5eV0ddi9y7tSfNA==\r\nage: 2247\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=1nfUFZWk9ZVsiYlLwNb3Jv4mDzFkY1MTVyTyAOIkb4Q0KD%2FB3bA91TfvcYmo54Yg3AARluNa0tyGP1IqpLnLDZmIAu3GnE9%2FOi5dbA0rH7XZNRtYTB1sUeAjtSqzomaUWA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 830b4329df31b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7538,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced\\012- data","md5":"229b5dca08997b920118bf7231011cf2","sha1":"69c32741e08b5010b65359c627e9d97ddebffb89","sha256":"aa2a82bbec6afb10324988b2003e61d47a09708b25ac0e2ce3b64950aa2b7a35","sha512":"faeed17cb29aea239f0dd0f154dc3edc8c52eb6a93cb52fec6d2eb2f4839b276c1d08904f2926deedc9e120823ad671c1eda0e27504176e4b3563ff39d7ba1c2","ssdeep":"192:o5n1sSxLeaQsQSI61Hfj1b7Bj8oEOelGN:o5haahdjRFQO7","tlshash":"5ff180cd96dea9f058a3fab17444cda37d205128ca67937cc18e68772d9e149068471f","first_seen":"2023-10-25T02:31:56Z","last_seen":"2026-01-09T10:39:51.901953Z","times_seen":5758,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fly.linkcdn.to/statics/links/icons-socials/spirit/6.png","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.563Z","timestamp":1701768547563,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Nov 2023 02:33:59 GMT","end":"Tue, 06 Feb 2024 02:33:58 GMT"},"fingerprint":{"sha1":"3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15","sha256":"88:F9:D6:D6:C2:D4:A4:0D:D4:B0:96:4B:69:72:D8:D3:5E:36:C8:9E:AE:D0:2F:E3:68:36:1E:C2:D2:EF:10:F5"}}},"request":{"raw":"GET /statics/links/icons-socials/spirit/6.png HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 8759\r\nlast-modified: Thu, 10 Sep 2020 13:28:42 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: \"cd115f6d3642f90c79b0af1ae9a93c2f\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: pMO-GoMKRmaZqy3eLISjVVfZ3KWrDIo3p6yHkevLcDur2N4EgK2XgA==\r\nage: 2247\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=HvPhjJPm8KeaklRkq2M19gVYoktPmlrSf7t7eeS7IQ%2BbBRfhYASy45ydJVIOnAb6AWHYzvbsYcfmRmElPbF1SIsCbD0j50Q737dHIpUF21qpuL%2FSTjm2cJ54Cl0jUFIrhg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 830b4329df33b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8759,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced\\012- data","md5":"cd115f6d3642f90c79b0af1ae9a93c2f","sha1":"d65536edb8c54d18b476936f0b24ed0e73f4f930","sha256":"b106acf20bd4b5ff01ddb53be3c6f3173682ea42b893f31a1400e09de0be9e49","sha512":"4f533b21486034a79e571696f412723fd1853b63511bba4cf47fc0019d62ffeab5ce72200ae474cc760ce92c15cdb937ca47405ef15d648d4e0829d8265c4938","ssdeep":"192:EpnPh9wuIAG3EC27/In6oUxEbduDhtUz8HQAaWqjqqJByAbSIC+8Qf8SKg:0Ph9wuIAG3EC27Q6oUG4/UA7q+ycPfP6","tlshash":"3802ae82e946c6db5e8462833dd92333e222fba723e3573495085d124ec61d6f8f7987","first_seen":"2023-06-20T05:12:56Z","last_seen":"2026-01-09T10:39:51.906377Z","times_seen":5861,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fly.linkcdn.to/statics/links/icons-socials/spirit/32.png","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.564Z","timestamp":1701768547564,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Nov 2023 02:33:59 GMT","end":"Tue, 06 Feb 2024 02:33:58 GMT"},"fingerprint":{"sha1":"3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15","sha256":"88:F9:D6:D6:C2:D4:A4:0D:D4:B0:96:4B:69:72:D8:D3:5E:36:C8:9E:AE:D0:2F:E3:68:36:1E:C2:D2:EF:10:F5"}}},"request":{"raw":"GET /statics/links/icons-socials/spirit/32.png HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 6743\r\nlast-modified: Thu, 10 Sep 2020 13:28:55 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: \"78fd36b0d6c14772a8b46b88817087b3\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: WtRwY1jZb5YM4mAKn-mKxXvyrrz1RmOUcJ9dBoNr2cQMGaxGrGqwJQ==\r\nage: 2247\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=EQbGJ09xa3M00Ou%2B7pUesWU%2F%2BNxNdDfUn4PsVE0oWUvnEVW0e5TE2HXxduTNEvzG6NNyjAzCRsi6DBWWDrAqtKW3LaHj8NUvGFQS8xziWJEu%2FR7ARKa9Q4lVuK2FFe4L0g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 830b4329df3db509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6743,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced\\012- data","md5":"78fd36b0d6c14772a8b46b88817087b3","sha1":"b738599182b0eb67a9c91501f121a16cebef2d40","sha256":"e36eaeb05ac9e38a5e6ee0fea36ded8da7707532912f061ef6d445603fb5bfa9","sha512":"e8275b642d90b639f1a76f1d30d63a45e41823d262d5c41e339f2aa982a29cc55506e92e0ba789a4c7c2f06f0fa589df93e115ecca411b64210f3ff3d4d2d722","ssdeep":"96:tKMW6himyvAU/QxQ5dIYB4kwTWZ5K/GjyL0HmmLnOyMmZbnwTlbsYkyIJXnGk981:oMPiuC5j45yxjdPLn8m9wxbsF/GkkAw9","tlshash":"8ad19e4d76ce8219b3ce14302a42263df6568c5a31dba508823b627d371cdf52b5cbeb","first_seen":"2023-06-20T05:12:56Z","last_seen":"2026-01-09T10:39:51.902656Z","times_seen":5882,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/mavenpro/v25/7Auup_AqnyWWAxW2Wk3swUz56MS91Eww8Rf21nejpBh8CvRBOA.woff","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.533Z","timestamp":1701768547533,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD","sha256":"EF:BD:DB:F8:2A:77:8C:C2:9E:F9:E0:B2:26:39:CB:EC:63:F1:80:36:F6:06:6E:F5:E1:6C:45:66:A4:D1:A6:C8"}}},"request":{"raw":"GET /s/mavenpro/v25/7Auup_AqnyWWAxW2Wk3swUz56MS91Eww8Rf21nejpBh8CvRBOA.woff HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usps.nackege.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 12580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Nov 2023 05:30:24 GMT\r\nexpires: Fri, 29 Nov 2024 05:30:24 GMT\r\ncache-control: public, max-age=31536000\r\nage: 446317\r\nlast-modified: Wed, 03 Nov 2021 17:05:24 GMT\r\ncontent-type: font/woff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12580,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 12580, version 1.1\\012- data","md5":"c329e5a724e3c186353c4af3a0f791ed","sha1":"064959ddf1f461974203b7cc61cb168c10a78287","sha256":"fc9e259669117b3e2c814392798e23871961db27b54ef88731aae886f5c4f58d","sha512":"d6f3c2af83535c92d46f73791535b9c6a15153a1ac379f36a113adbddd92b48004da009091185996c7d6ce9ab0bdca67542afb5b09255b792abb98cbf0098fa0","ssdeep":"384:6cR5BW44kLRH1O4NEHX/gX9mvrcK/70JE:HWhktVO4NGMK/70q","tlshash":"9742cf697b2323cfc76bd57680c2539727b3c49282a4a2989e79409839856cc9f6bc50","first_seen":"2023-05-08T17:47:48Z","last_seen":"2026-01-09T10:39:51.903267Z","times_seen":5927,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":37,"dns":0,"connect":8,"send":0,"wait":8,"receive":2,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"usps.nackege.top/wss/","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:06.148Z","timestamp":1701768546148,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usps.uipackege.top","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Dec 2023 10:06:05 GMT","end":"Thu, 29 Feb 2024 10:06:04 GMT"},"fingerprint":{"sha1":"6C:A7:A6:34:BA:08:AA:6E:26:7A:83:3C:EA:65:8A:CD:FB:E8:E6:64","sha256":"BC:72:44:48:E1:68:07:34:5D:43:15:7B:70:1D:DD:61:E2:D2:48:F6:DB:FA:BD:B6:78:C9:E3:91:43:69:5B:50"}}},"request":{"raw":"GET /wss/ HTTP/1.1\r\nHost: usps.nackege.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://usps.nackege.top\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: l8WvADGgbafl5BTJmt0lFQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: PHPSESSID=jliprngmv91bh1muefqe2vigrl\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Web Socket Protocol Handshake\r\nServer: nginx\r\nDate: Tue, 05 Dec 2023 09:29:00 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nWebSocket-Origin: localhost\r\nWebSocket-Location: ws://localhost:12345/websocket/websocket\r\nSec-WebSocket-Accept: S3Wvq9cLKUkqUMLqyQILM/XqTQg=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Web Socket Protocol Handshake","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T09:11:22.023028Z","times_seen":15432103,"resource_available":true,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":23,"connect":162,"send":0,"wait":162,"receive":1,"ssl":168},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usps.nackege.top/js/us.js","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:05.271Z","timestamp":1701768545271,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usps.uipackege.top","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Dec 2023 10:06:05 GMT","end":"Thu, 29 Feb 2024 10:06:04 GMT"},"fingerprint":{"sha1":"6C:A7:A6:34:BA:08:AA:6E:26:7A:83:3C:EA:65:8A:CD:FB:E8:E6:64","sha256":"BC:72:44:48:E1:68:07:34:5D:43:15:7B:70:1D:DD:61:E2:D2:48:F6:DB:FA:BD:B6:78:C9:E3:91:43:69:5B:50"}}},"request":{"raw":"GET /js/us.js HTTP/1.1\r\nHost: usps.nackege.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nCookie: PHPSESSID=jliprngmv91bh1muefqe2vigrl\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 Dec 2023 09:28:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 28 Oct 2023 21:54:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"653d82fe-65d\"\r\nexpires: Tue, 05 Dec 2023 21:28:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1629,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (1837), with no line terminators","md5":"8dab4607b62df04a37c84a85c10d09c7","sha1":"63d237f9319303f8a6473a056f41bc70368cc382","sha256":"b5e388d6bfc95ba82ceec35aca961318f5b3584e236efdaadf9d1591cebea783","sha512":"cdbc120ddb3a28a776bb0981b7733676a56c6b0bb4e35c400107c08f65ac60c96f8e9d2687557909cfecee09ada0d41d3cc4fd5d09791d0785752a9c4fac2f82","ssdeep":"","tlshash":"0c3164e22a08b22323184d3c64f1f5b469f9e274fc521730599f1a4ea2f5e5cc4c7996","first_seen":"2023-10-29T15:40:17Z","last_seen":"2024-08-20T21:55:37.426671Z","times_seen":106,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"usps.nackege.top/css/defaultWhite.css","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.179Z","timestamp":1701768547179,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usps.uipackege.top","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Dec 2023 10:06:05 GMT","end":"Thu, 29 Feb 2024 10:06:04 GMT"},"fingerprint":{"sha1":"6C:A7:A6:34:BA:08:AA:6E:26:7A:83:3C:EA:65:8A:CD:FB:E8:E6:64","sha256":"BC:72:44:48:E1:68:07:34:5D:43:15:7B:70:1D:DD:61:E2:D2:48:F6:DB:FA:BD:B6:78:C9:E3:91:43:69:5B:50"}}},"request":{"raw":"GET /css/defaultWhite.css HTTP/1.1\r\nHost: usps.nackege.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nCookie: PHPSESSID=jliprngmv91bh1muefqe2vigrl\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 28 Oct 2023 21:24:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"653d7c18-f34\"\r\nexpires: Tue, 05 Dec 2023 21:29:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3892,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4077), with no line terminators","md5":"95acad53b0768c90b018bb9640bef411","sha1":"de6a6759a13ab2047f504e1c40d8714187c686ad","sha256":"38eb406caa4b489b3db08f4861407e6cb86a7b484b508ba248d9619864affe5d","sha512":"19bf38eb0a9bd4ff4b164f6ba60e5b8a91d30ea082e17d075597e413533f7d5f63820c9f25dda2ca83d1bfd95f5649e3cf5620d39c2131fbb7adc53a2785bf6d","ssdeep":"","tlshash":"0f819b22fd2906f651135f98bbeff6ba72687200c6100727f7955322139fad8486139e","first_seen":"2023-10-01T16:25:31Z","last_seen":"2024-08-21T05:24:07.978343Z","times_seen":3785,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fly.linkcdn.to/images/favicon.ico","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.683Z","timestamp":1701768547683,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Nov 2023 02:33:59 GMT","end":"Tue, 06 Feb 2024 02:33:58 GMT"},"fingerprint":{"sha1":"3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15","sha256":"88:F9:D6:D6:C2:D4:A4:0D:D4:B0:96:4B:69:72:D8:D3:5E:36:C8:9E:AE:D0:2F:E3:68:36:1E:C2:D2:EF:10:F5"}}},"request":{"raw":"GET /images/favicon.ico HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Mon, 15 Mar 2021 07:50:44 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: W/\"a4cedb09a224bfc2bb7d5c6c90d2c8fc\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: HCnV3Of36L_X9fVdf_pgC0eP_cJCxPXxktFQvIn174PymF-sBHpFvQ==\r\nage: 2325\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=nQMiyGoR7OLOtA1aPS0NosUpl3JN1QE8QUk4Zc6R%2BzO6u2dlJ9YOJG2mA21d5IxA4qAO%2B76pF9yeASFME6D%2BAwJ7DTGidkGEcbEMoYsTJwY1DG8mxnzPTpnXzGzqJyZRVA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 830b432a9ff4b509-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T09:11:22.023028Z","times_seen":15432103,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fly.linkcdn.to/v2.5/theme/share-common.css?t=1658885907447","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.177Z","timestamp":1701768547177,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Nov 2023 02:33:59 GMT","end":"Tue, 06 Feb 2024 02:33:58 GMT"},"fingerprint":{"sha1":"3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15","sha256":"88:F9:D6:D6:C2:D4:A4:0D:D4:B0:96:4B:69:72:D8:D3:5E:36:C8:9E:AE:D0:2F:E3:68:36:1E:C2:D2:EF:10:F5"}}},"request":{"raw":"GET /v2.5/theme/share-common.css?t=1658885907447 HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: text/css\r\nage: 48\r\ncf-bgj: minify\r\ncf-polished: origSize=55416\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\netag: W/\"4180f589edeef825d162fffbc61008d9\"\r\nlast-modified: Wed, 29 Mar 2023 10:26:43 GMT\r\nreferrer-policy: same-origin\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\nvary: Accept-Encoding\r\nvia: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)\r\nx-amz-cf-id: gsUz2q9FcCbKJGIdQbU5DIvKJ69KTo9HydAjqgRanBMjScvvy20kfQ==\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-server-side-encryption: AES256\r\nx-cache: Hit from cloudfront\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=IiOYQ3TYRU%2BjwJgepiFNe9IcX3CtOhxbf5qE6J7c2UQzrr83FgiDHV4%2F48CftdIrCN%2BphyUuaWL9KSu5157GAattOjWlMKhq5junIvdYt%2Bc80uMIHEX6AECV2pHOPhu0CQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 830b43276c3db509-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48354,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (24473)","md5":"58a5b83f87c9cead14212a3d42f23df2","sha1":"97f552c24b11fb7c6c00d769faacbb28f0d492b5","sha256":"9e448238639792210d43bde27374200528b632a1b2b84ba343b360ec5a35aa8d","sha512":"7f130380e63b6ae426bc678ddeb4549b69089056d203d18a5ea2a9e951710043158b1775dd8087cb590a7456b1b1764c5bb782080262722a2ab44990cee5c7ad","ssdeep":"768:La6+3WOVqCVqVVqVVq8Vq8hl7Gu4x3v3+3I3Icnbj0/p7yAeaHCq7W+XiaWEGWv4:yVBVaVqVfVVTK+XOpWXGFF","tlshash":"032354e0c20d54c86727c8476785b306ee55b1398de90d2bf56fc49c0ff262663e6ba8","first_seen":"2023-04-14T12:11:03Z","last_seen":"2024-09-20T20:12:10.254217Z","times_seen":5770,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usps.nackege.top/css/default.css?t=1680569519815","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.178Z","timestamp":1701768547178,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usps.uipackege.top","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Dec 2023 10:06:05 GMT","end":"Thu, 29 Feb 2024 10:06:04 GMT"},"fingerprint":{"sha1":"6C:A7:A6:34:BA:08:AA:6E:26:7A:83:3C:EA:65:8A:CD:FB:E8:E6:64","sha256":"BC:72:44:48:E1:68:07:34:5D:43:15:7B:70:1D:DD:61:E2:D2:48:F6:DB:FA:BD:B6:78:C9:E3:91:43:69:5B:50"}}},"request":{"raw":"GET /css/default.css?t=1680569519815 HTTP/1.1\r\nHost: usps.nackege.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nCookie: PHPSESSID=jliprngmv91bh1muefqe2vigrl\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 28 Oct 2023 21:24:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"653d7c18-175bc\"\r\nexpires: Tue, 05 Dec 2023 21:29:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95676,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d27e915c4c1bf557699170e2a5f24368","sha1":"d5a1c5b5cd7cb3446fe74ee27040e85dcafcd1b0","sha256":"5fe6b42ae13a161663373634245e6e2119bccf7f1da46bddc378098447db5226","sha512":"6ab752ee64dc48fc62d93e3eddad22b636eebf9e713cdf24d145b8964ab69a9583cd42f952a583fccbfaafee681fce91211ede8c0d5f060cc897679c19d84b59","ssdeep":"1536:y5xrSoVJL34r+Y0O9MaFtMXxvU/qcBNs3RNTuVD0m1UyUjeFTu4r+YQ4O9Ma5udG:yvSoVJLrIogZwL98O","tlshash":"a19375b54e731988b51b8564abef0b95333890934007ccf9bbcd364d4f85aec65d2b8a","first_seen":"2023-10-01T16:25:31Z","last_seen":"2024-08-21T05:24:07.975564Z","times_seen":4236,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fly.linkcdn.to/images/favicon.ico","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:06.146Z","timestamp":1701768546146,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Nov 2023 02:33:59 GMT","end":"Tue, 06 Feb 2024 02:33:58 GMT"},"fingerprint":{"sha1":"3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15","sha256":"88:F9:D6:D6:C2:D4:A4:0D:D4:B0:96:4B:69:72:D8:D3:5E:36:C8:9E:AE:D0:2F:E3:68:36:1E:C2:D2:EF:10:F5"}}},"request":{"raw":"GET /images/favicon.ico HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 05 Dec 2023 09:29:00 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Mon, 15 Mar 2021 07:50:44 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: W/\"a4cedb09a224bfc2bb7d5c6c90d2c8fc\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: HCnV3Of36L_X9fVdf_pgC0eP_cJCxPXxktFQvIn174PymF-sBHpFvQ==\r\nage: 2324\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=AGytcvwBrHzWU1JJoEXdbZRJhfIXKWSxqGDO%2B3k7cPpmQAhf2%2BkDOfzB3%2Bn0hVIAwzD%2BsOL%2BZykmwSlzaOXFvXAsFZGTiLDjJLz9ho5rQe1fp0gg7h4Y08T5%2BL6xXbIkLg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 830b432149d7b4ff-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T09:11:22.023028Z","times_seen":15432103,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":23,"connect":2,"send":0,"wait":9,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Tinos:wght@400;700\u0026family=Archivo\u0026family=Lora\u0026family=Maven+Pro\u0026family=Merriweather\u0026family=Montserrat\u0026family=Nunito:wght@600\u0026family=Pacifico\u0026family=Poppins:wght@400;500;600\u0026family=Raleway\u0026family=Kite+One\u0026family=Mitr:wght@300\u0026family=Sriracha\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usps.nackege.top/","date":"2023-12-05T09:29:07.175Z","timestamp":1701768547175,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42","sha256":"9A:90:D4:1D:0C:D1:CA:9D:4D:19:37:44:C4:E6:E4:28:27:C0:F5:0A:9C:B4:56:89:C4:D1:8A:63:A7:01:28:54"}}},"request":{"raw":"GET /css2?family=Tinos:wght@400;700\u0026family=Archivo\u0026family=Lora\u0026family=Maven+Pro\u0026family=Merriweather\u0026family=Montserrat\u0026family=Nunito:wght@600\u0026family=Pacifico\u0026family=Poppins:wght@400;500;600\u0026family=Raleway\u0026family=Kite+One\u0026family=Mitr:wght@300\u0026family=Sriracha\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usps.nackege.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 05 Dec 2023 09:29:01 GMT\r\ndate: Tue, 05 Dec 2023 09:29:01 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25787,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"5a0c76e00f48830a6496e48dbcb292f2","sha1":"7e5dfd61c9351629d44b89057938a8d61cd98421","sha256":"58585842ae6888dce49a43c2150504bc2bfd6bc8648ef88aa15db256c5ec95b9","sha512":"0a85891d24e3af5f84dd998464d792de6f91548c277bccdc66cf46ad8fefcdb1e594e242abf808999591d0573db0761f734e6beddd7ab7cd70efc7cf3045925c","ssdeep":"384:c5nBgpduLmL4LqF39CgmIaVRQjKelMxG6AMgwn:kLmL4LhelVM","tlshash":"edc2aad1042ba500eb871cc663cf7e36ed4e61163455d17aaffe18d8acabd221364b1e","first_seen":"2023-09-16T06:44:45Z","last_seen":"2024-08-21T06:45:02.922286Z","times_seen":268,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":33,"dns":1,"connect":8,"send":0,"wait":37,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usps.nackege.top/","fqdn":"usps.nackege.top","domain":"nackege.top","tld":"top"},"ip":{"addr":"43.130.17.205","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-05T09:29:04.545Z","timestamp":1701768544545,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usps.uipackege.top","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Dec 2023 10:06:05 GMT","end":"Thu, 29 Feb 2024 10:06:04 GMT"},"fingerprint":{"sha1":"6C:A7:A6:34:BA:08:AA:6E:26:7A:83:3C:EA:65:8A:CD:FB:E8:E6:64","sha256":"BC:72:44:48:E1:68:07:34:5D:43:15:7B:70:1D:DD:61:E2:D2:48:F6:DB:FA:BD:B6:78:C9:E3:91:43:69:5B:50"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usps.nackege.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 Dec 2023 09:28:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nset-cookie: PHPSESSID=jliprngmv91bh1muefqe2vigrl; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":75,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with no line terminators","md5":"68e7df233edacfdc78790184c637791e","sha1":"9f882a555892caf60f1f222df1ff53491cf77881","sha256":"877cd19129214364af42eb089ce3d79277b7c1789cd881a9b9cc05c314ec1b9a","sha512":"f2a6340c8d227bff583ccc8fd62cf7912cb6e1fadfd9bfcd418c1d6d6cab5565bdb19a7c0ef3bd72714371ff52d24ce5cf054d4e6e0d97420c37af2ebe0c0e48","ssdeep":"","tlshash":"98a012160d41c28454005c4015bad0390008b8511100cc0860c0945d51083c86c13f44","first_seen":"2023-10-29T15:40:17Z","last_seen":"2024-08-20T21:55:37.426072Z","times_seen":1880,"resource_available":false,"data":null}},"time_used":848,"timings":{"blocked":332,"dns":1,"connect":166,"send":0,"wait":167,"receive":0,"ssl":173},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}}]}