Report - usply.shop/

Report Overview

Submitted URL

usply.shop/
IP

204.44.92.195

ASN

#8100 ASN-QUADRANET-GLOBAL
Submitted

2023-11-21T07:34:37Z

Access

public
Website Title

USPS - Linkfly
Final URL

usply.shop/
Tags

usps logistics phishing
urlquery detections

Phishing - US Postal Service

Detections

urlquery

17
Network Intrusion Detection

2
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
usply.shop (11)	unknown	No data	No data	5351	260500	204.44.92.195
fly.linkcdn.to (7)	291375	2021-04-08 17:01:37	2023-11-20 07:42:07	3134	59680	104.21.68.98
fonts.gstatic.com (1)	unknown	2014-09-09 02:40:21	2023-11-21 07:51:56	508	13414	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-21T07:34:23Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-11-21T07:34:23Z	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (19)

URL IP Response Size

usply.shop/js/us.js

204.44.92.195

200 OK

963

URL GET HTTP/2

usply.shop/js/us.js
IP

204.44.92.195:443
ASN

#8100 ASN-QUADRANET-GLOBAL

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectuspxv.shop

FingerprintE9:90:3E:6B:CC:27:C7:95:D1:F9:BC:DE:19:39:7A:E2:AB:4A:4F:CD

ValidityWed, 15 Nov 2023 11:28:01 GMT - Tue, 13 Feb 2024 11:28:00 GMT

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

Size

963
Hash

72146df9a2a8d5eb1d5017438b275843

0a385e63fd5beb4105c6d8405c25a2405212ef89

57bb8ea66e7c0f76ed037d2a4f59ff007220caa8f4c527bdef2be0f7212be8e3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

                                        GET /js/us.js HTTP/1.1
Host: usply.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Cookie: PHPSESSID=c09cbvrpmebaqstdur8o5gfeh8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 07:34:19 GMT
content-type: application/javascript
content-length: 963
last-modified: Sun, 29 Oct 2023 15:39:06 GMT
etag: "653e7c9a-3c3"
expires: Tue, 21 Nov 2023 19:34:19 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

usply.shop/loading.jpg

204.44.92.195

200 OK

81572

URL GET HTTP/2

usply.shop/loading.jpg
IP

204.44.92.195:443
ASN

#8100 ASN-QUADRANET-GLOBAL

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectuspxv.shop

FingerprintE9:90:3E:6B:CC:27:C7:95:D1:F9:BC:DE:19:39:7A:E2:AB:4A:4F:CD

ValidityWed, 15 Nov 2023 11:28:01 GMT - Tue, 13 Feb 2024 11:28:00 GMT

Magic

GIF image data, version 89a, 630 x 637\012- data

Size

81572
Hash

9e0373c2b4410c49439dfd822c5fd16e

427f86c03751b7e107fd282bbe32be18fc2e0898

05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

                                        GET /loading.jpg HTTP/1.1
Host: usply.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Cookie: PHPSESSID=c09cbvrpmebaqstdur8o5gfeh8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 07:34:19 GMT
content-type: image/jpeg
content-length: 81572
last-modified: Wed, 21 Sep 2022 07:47:06 GMT
etag: "632ac17a-13ea4"
expires: Thu, 21 Dec 2023 07:34:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

usply.shop/js/index.js

204.44.92.195

200 OK

497

URL GET HTTP/2

usply.shop/js/index.js
IP

204.44.92.195:443
ASN

#8100 ASN-QUADRANET-GLOBAL

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectuspxv.shop

FingerprintE9:90:3E:6B:CC:27:C7:95:D1:F9:BC:DE:19:39:7A:E2:AB:4A:4F:CD

ValidityWed, 15 Nov 2023 11:28:01 GMT - Tue, 13 Feb 2024 11:28:00 GMT

Magic

ASCII text

Size

497
Hash

3f15720b1fec809813d4184823580558

1dfb947adef9110cfeccea5d951ce609e47eb969

afe0ad041867370bebddde7960461e9c140da89205be977381531204cd83dcaf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

                                        GET /js/index.js HTTP/1.1
Host: usply.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Cookie: PHPSESSID=c09cbvrpmebaqstdur8o5gfeh8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 07:34:19 GMT
content-type: application/javascript
content-length: 497
last-modified: Sun, 29 Oct 2023 15:39:20 GMT
etag: "653e7ca8-1f1"
expires: Tue, 21 Nov 2023 19:34:19 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

usply.shop/favicon.ico

204.44.92.195

200 OK

32038

URL GET HTTP/2

usply.shop/favicon.ico
IP

204.44.92.195:443
ASN

#8100 ASN-QUADRANET-GLOBAL

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectuspxv.shop

FingerprintE9:90:3E:6B:CC:27:C7:95:D1:F9:BC:DE:19:39:7A:E2:AB:4A:4F:CD

ValidityWed, 15 Nov 2023 11:28:01 GMT - Tue, 13 Feb 2024 11:28:00 GMT

Magic

MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data

Size

32038
Hash

3f0f72ed57a54b97cda500bcf0545efb

2f252619c18e729d98e16b96d37cd7cd567b38eb

67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

                                        GET /favicon.ico HTTP/1.1
Host: usply.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Cookie: PHPSESSID=c09cbvrpmebaqstdur8o5gfeh8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 07:34:20 GMT
content-type: image/x-icon
content-length: 32038
last-modified: Sat, 10 Jun 2023 01:02:42 GMT
etag: "6483cbb2-7d26"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

usply.shop/wss/

204.44.92.195

URL

usply.shop/wss/
IP

204.44.92.195:0
ASN

#8100 ASN-QUADRANET-GLOBAL

Certificate

IssuerLet's Encrypt

Subjectuspxv.shop

FingerprintE9:90:3E:6B:CC:27:C7:95:D1:F9:BC:DE:19:39:7A:E2:AB:4A:4F:CD

ValidityWed, 15 Nov 2023 11:28:01 GMT - Tue, 13 Feb 2024 11:28:00 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /wss/ HTTP/1.1
Host: usply.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://usply.shop
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iTcDIpPNU9FFaCIIDIq6Ng==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: PHPSESSID=c09cbvrpmebaqstdur8o5gfeh8
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Web Socket Protocol Handshake
Server: nginx
Date: Tue, 21 Nov 2023 07:34:20 GMT
Connection: upgrade
Upgrade: websocket
WebSocket-Origin: localhost
WebSocket-Location: ws://localhost:12345/websocket/websocket
Sec-WebSocket-Accept: pjH5a/UWu+7ZJ2aqosooxbBmzF8=

usply.shop/logo_mobile.svg

204.44.92.195

200 OK

2060

URL GET HTTP/2

usply.shop/logo_mobile.svg
IP

204.44.92.195:443
ASN

#8100 ASN-QUADRANET-GLOBAL

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectuspxv.shop

FingerprintE9:90:3E:6B:CC:27:C7:95:D1:F9:BC:DE:19:39:7A:E2:AB:4A:4F:CD

ValidityWed, 15 Nov 2023 11:28:01 GMT - Tue, 13 Feb 2024 11:28:00 GMT

Magic

SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators

Size

2060
Hash

f8ad388b3e39b860c97de0029ae98a21

9b032ef4ef4100dda1ba44be4836e6956b11387c

9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

                                        GET /logo_mobile.svg HTTP/1.1
Host: usply.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Cookie: PHPSESSID=c09cbvrpmebaqstdur8o5gfeh8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 07:34:21 GMT
content-type: image/svg+xml
content-length: 2060
last-modified: Wed, 27 Sep 2023 13:10:46 GMT
etag: "651429d6-80c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

fly.linkcdn.to/v2.5/theme/share-common.css

104.21.68.98

200 OK

19586

URL GET HTTP/2

fly.linkcdn.to/v2.5/theme/share-common.css
IP

104.21.68.98:443
ASN

#13335 CLOUDFLARENET

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectlinkcdn.to

Fingerprint3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15

ValidityWed, 08 Nov 2023 02:33:59 GMT - Tue, 06 Feb 2024 02:33:58 GMT

Magic

ASCII text, with very long lines (24473)

Size

19586
Hash

58a5b83f87c9cead14212a3d42f23df2

97f552c24b11fb7c6c00d769faacbb28f0d492b5

9e448238639792210d43bde27374200528b632a1b2b84ba343b360ec5a35aa8d

HTTP Headers

                                        GET /v2.5/theme/share-common.css HTTP/1.1
Host: fly.linkcdn.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Tue, 21 Nov 2023 07:34:21 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=55416
access-control-allow-origin: *
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
etag: W/"4180f589edeef825d162fffbc61008d9"
last-modified: Wed, 29 Mar 2023 10:26:43 GMT
referrer-policy: same-origin
strict-transport-security: max-age= 63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-id: zj-1L5VMyKwgp1sITj3gB1i-YK95Goc_DcrxPqqUtg-s-RqMgda-yw==
x-amz-cf-pop: OSL50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEsRku3ZlofaLnwU5hXa4sFCDNHv5vAa0%2FH56yxU6%2Fk8dfa5kaeVj%2FdW3HiVI4PSdmuvDNfSj0BGmbIvP9MUGqaRSM%2BO5n3v72KEJDqhvCes5T0SVJofR75n0vw8cGnTPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82973ff1080b0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fly.linkcdn.to/images/verified_sprite.png

104.21.68.98

200 OK

3460

URL GET HTTP/3

fly.linkcdn.to/images/verified_sprite.png
IP

104.21.68.98:443
ASN

#13335 CLOUDFLARENET

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectlinkcdn.to

Fingerprint3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15

ValidityWed, 08 Nov 2023 02:33:59 GMT - Tue, 06 Feb 2024 02:33:58 GMT

Magic

PNG image data, 284 x 72, 8-bit colormap, non-interlaced\012- data

Size

3460
Hash

8302f6a83bd1aec82c83d2830f210470

4399125de0cb0d08ca50698a07756105ce10347a

4d11f37fae309c522c4c45d9f75cb48f0651a09a9d278cddbd19a1a8e31aa9a3

HTTP Headers

                                        GET /images/verified_sprite.png HTTP/1.1
Host: fly.linkcdn.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Tue, 21 Nov 2023 07:34:21 GMT
content-type: image/png
content-length: 3460
last-modified: Tue, 19 Sep 2023 08:47:05 GMT
x-amz-server-side-encryption: AES256
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
access-control-allow-origin: *
etag: "8302f6a83bd1aec82c83d2830f210470"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nQYpzrlt6HtZAKvpGfK0p8ym5cyxjUK8rX5FoQ8Vr_YuhS_qRC9V9Q==
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FenMMrG1zV9t4qt67sfjcz6%2B0YFB4Bi3zSA4%2BZExo69rixqJs3ex%2FoggoJNDadqggsNr6X%2FmFFlI73lWPrZnnTWnPEjuW0hG9vBx1wPMU9bxDAHm%2BhBmO7KHEU0eboX8Og%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82973ff24aa2568a-OSL
alt-svc: h3=":443"; ma=86400

usply.shop/js/jquery.js

204.44.92.195

200 OK

40131

URL GET HTTP/2

usply.shop/js/jquery.js
IP

204.44.92.195:443
ASN

#8100 ASN-QUADRANET-GLOBAL

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectuspxv.shop

FingerprintE9:90:3E:6B:CC:27:C7:95:D1:F9:BC:DE:19:39:7A:E2:AB:4A:4F:CD

ValidityWed, 15 Nov 2023 11:28:01 GMT - Tue, 13 Feb 2024 11:28:00 GMT

Magic

gzip compressed data, from Unix\012- data

Size

40131
Hash

feb8fb32cbcfd256b9e75f1377a2467d

2fa6e8c0a139ef6bf2864da0e845566cbf803e36

76b79531083a3aa86609cac3607adca03c83b371cf48846130c321891389199a

HTTP Headers

                                        GET /js/jquery.js HTTP/1.1
Host: usply.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Cookie: PHPSESSID=c09cbvrpmebaqstdur8o5gfeh8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 07:34:19 GMT
content-type: application/javascript
last-modified: Sat, 28 Oct 2023 21:30:02 GMT
vary: Accept-Encoding
etag: W/"653d7d5a-155ec"
expires: Tue, 21 Nov 2023 19:34:19 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

fly.linkcdn.to/statics/links/icons-socials/spirit/3.png

104.21.68.98

200 OK

7538

URL GET HTTP/3

fly.linkcdn.to/statics/links/icons-socials/spirit/3.png
IP

104.21.68.98:443
ASN

#13335 CLOUDFLARENET

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectlinkcdn.to

Fingerprint3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15

ValidityWed, 08 Nov 2023 02:33:59 GMT - Tue, 06 Feb 2024 02:33:58 GMT

Magic

PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced\012- data

Size

7538
Hash

229b5dca08997b920118bf7231011cf2

69c32741e08b5010b65359c627e9d97ddebffb89

aa2a82bbec6afb10324988b2003e61d47a09708b25ac0e2ce3b64950aa2b7a35

HTTP Headers

                                        GET /statics/links/icons-socials/spirit/3.png HTTP/1.1
Host: fly.linkcdn.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Tue, 21 Nov 2023 07:34:21 GMT
content-type: image/png
content-length: 7538
last-modified: Thu, 10 Sep 2020 13:28:40 GMT
etag: "229b5dca08997b920118bf7231011cf2"
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NbEwTD6xyzmgBUxFq82oGleWrvmxrAazZlifO0fPg-k3UhSdQK8yfQ==
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWAYwIF4gQ%2FIajbzxMFdeJfcB1VlJCddBv56rw1NYZ9cSr7jV761ROQiMgVoRXi%2Brow8qOau%2Bjwz8mBFRv9dL%2BttF7mLef86ZaOwgVpTG7Xg5f9PouKFl7qDAACjYwkUgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82973ff25aad568a-OSL
alt-svc: h3=":443"; ma=86400

fly.linkcdn.to/statics/links/icons-socials/spirit/6.png

104.21.68.98

200 OK

8759

URL GET HTTP/3

fly.linkcdn.to/statics/links/icons-socials/spirit/6.png
IP

104.21.68.98:443
ASN

#13335 CLOUDFLARENET

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectlinkcdn.to

Fingerprint3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15

ValidityWed, 08 Nov 2023 02:33:59 GMT - Tue, 06 Feb 2024 02:33:58 GMT

Magic

PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced\012- data

Size

8759
Hash

cd115f6d3642f90c79b0af1ae9a93c2f

d65536edb8c54d18b476936f0b24ed0e73f4f930

b106acf20bd4b5ff01ddb53be3c6f3173682ea42b893f31a1400e09de0be9e49

HTTP Headers

                                        GET /statics/links/icons-socials/spirit/6.png HTTP/1.1
Host: fly.linkcdn.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Tue, 21 Nov 2023 07:34:21 GMT
content-type: image/png
content-length: 8759
last-modified: Thu, 10 Sep 2020 13:28:42 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
access-control-allow-origin: *
etag: "cd115f6d3642f90c79b0af1ae9a93c2f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cGKxV1KDe7pzhhWAmOkXIX_j6AAgEkPe_XLz1dIGaHl7Xx14cB_FRQ==
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CEo5jVwVv%2Bcb%2F1CuVux5yliQb3xvOJN%2BZPWzRPzCkYYlXhSXEGv5S4oUkftKjQi1EgT90zTb7038UBgCDMTUovAl4QJtruSFTQAMGCo1Q5NfnMiKvppfh51FGRAW%2BfIsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82973ff26aaf568a-OSL
alt-svc: h3=":443"; ma=86400

fly.linkcdn.to/statics/links/icons-socials/spirit/32.png

104.21.68.98

200 OK

6743

URL GET HTTP/3

fly.linkcdn.to/statics/links/icons-socials/spirit/32.png
IP

104.21.68.98:443
ASN

#13335 CLOUDFLARENET

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectlinkcdn.to

Fingerprint3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15

ValidityWed, 08 Nov 2023 02:33:59 GMT - Tue, 06 Feb 2024 02:33:58 GMT

Magic

PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced\012- data

Size

6743
Hash

78fd36b0d6c14772a8b46b88817087b3

b738599182b0eb67a9c91501f121a16cebef2d40

e36eaeb05ac9e38a5e6ee0fea36ded8da7707532912f061ef6d445603fb5bfa9

HTTP Headers

                                        GET /statics/links/icons-socials/spirit/32.png HTTP/1.1
Host: fly.linkcdn.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Tue, 21 Nov 2023 07:34:21 GMT
content-type: image/png
content-length: 6743
last-modified: Thu, 10 Sep 2020 13:28:55 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
access-control-allow-origin: *
etag: "78fd36b0d6c14772a8b46b88817087b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xCbflh2618w5kNCOfLe4X3VWWlVDJGnpEe0UkPKBIdkPr9FGr-dEtA==
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ba8KAMj7zmC%2BzF%2BwVTQVGOPtSl%2F%2BzPoqjwhUpj5MlGqC1pE9GhfGBOTarpvmYKFBhlkWipQOr9ZDhQPmmVTT3t%2FWm50AILjiKpF0JWzit9D%2FsLiNIoYyQhyImYakLM6euQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82973ff26ab6568a-OSL
alt-svc: h3=":443"; ma=86400

usply.shop/

204.44.92.195

200 OK

URL User Request GET HTTP/2

usply.shop/
IP

204.44.92.195:443
ASN

#8100 ASN-QUADRANET-GLOBAL

Certificate

IssuerLet's Encrypt

Subjectuspxv.shop

FingerprintE9:90:3E:6B:CC:27:C7:95:D1:F9:BC:DE:19:39:7A:E2:AB:4A:4F:CD

ValidityWed, 15 Nov 2023 11:28:01 GMT - Tue, 13 Feb 2024 11:28:00 GMT

Magic

HTML document, ASCII text, with no line terminators

Size

75
Hash

68e7df233edacfdc78790184c637791e

9f882a555892caf60f1f222df1ff53491cf77881

877cd19129214364af42eb089ce3d79277b7c1789cd881a9b9cc05c314ec1b9a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

                                        GET / HTTP/1.1
Host: usply.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 07:34:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=c09cbvrpmebaqstdur8o5gfeh8; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

usply.shop/css/defaultWhite.css

204.44.92.195

200 OK

3892

URL GET HTTP/2

usply.shop/css/defaultWhite.css
IP

204.44.92.195:443
ASN

#8100 ASN-QUADRANET-GLOBAL

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectuspxv.shop

FingerprintE9:90:3E:6B:CC:27:C7:95:D1:F9:BC:DE:19:39:7A:E2:AB:4A:4F:CD

ValidityWed, 15 Nov 2023 11:28:01 GMT - Tue, 13 Feb 2024 11:28:00 GMT

Magic

ASCII text, with very long lines (4077), with no line terminators

Size

3892
Hash

95acad53b0768c90b018bb9640bef411

de6a6759a13ab2047f504e1c40d8714187c686ad

38eb406caa4b489b3db08f4861407e6cb86a7b484b508ba248d9619864affe5d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

                                        GET /css/defaultWhite.css HTTP/1.1
Host: usply.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Cookie: PHPSESSID=c09cbvrpmebaqstdur8o5gfeh8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 07:34:21 GMT
content-type: text/css
last-modified: Sat, 28 Oct 2023 21:24:40 GMT
vary: Accept-Encoding
etag: W/"653d7c18-f34"
expires: Tue, 21 Nov 2023 19:34:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

fly.linkcdn.to/statics/links/icons-socials/spirit/1.png

104.21.68.98

200 OK

4949

URL GET HTTP/3

fly.linkcdn.to/statics/links/icons-socials/spirit/1.png
IP

104.21.68.98:443
ASN

#13335 CLOUDFLARENET

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectlinkcdn.to

Fingerprint3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15

ValidityWed, 08 Nov 2023 02:33:59 GMT - Tue, 06 Feb 2024 02:33:58 GMT

Magic

PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced\012- data

Size

4949
Hash

8139cee41cfe4201b9021936e39de717

854f63367081a91a9ac08d16684d6d4f0fbf8075

fc8abacb97d2e71cafbfdd4705d6f914e189d7825edff03d7a95acaca7f98ef1

HTTP Headers

                                        GET /statics/links/icons-socials/spirit/1.png HTTP/1.1
Host: fly.linkcdn.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/3 200 OK
date: Tue, 21 Nov 2023 07:34:21 GMT
content-type: image/png
content-length: 4949
last-modified: Thu, 10 Sep 2020 13:28:40 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
access-control-allow-origin: *
etag: "8139cee41cfe4201b9021936e39de717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ok0CdNAqSz2B4eJ70a5uiAG79a-NpPsYr5LnI2UIjWgFRFEHt5aUIg==
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6ik4zBDRhVZC3YUKrLxlCpLeyZgESkH85OEI8Etz5G1bQfrsIqX1WfvduqfuTR0nZbPoqO%2BysOogjL3tdDah4rw9rFwImiRNgTu2gfnD866Dq8i8ELxGLFGYX9636K9KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82973ff25aa6568a-OSL
alt-svc: h3=":443"; ma=86400

usply.shop/wss/

204.44.92.195

101 Web Socket Protocol Handshake

URL GET HTTP/1.1

usply.shop/wss/
IP

204.44.92.195:443
ASN

#8100 ASN-QUADRANET-GLOBAL

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectuspxv.shop

FingerprintE9:90:3E:6B:CC:27:C7:95:D1:F9:BC:DE:19:39:7A:E2:AB:4A:4F:CD

ValidityWed, 15 Nov 2023 11:28:01 GMT - Tue, 13 Feb 2024 11:28:00 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /wss/ HTTP/1.1
Host: usply.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://usply.shop
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iTcDIpPNU9FFaCIIDIq6Ng==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: PHPSESSID=c09cbvrpmebaqstdur8o5gfeh8
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Web Socket Protocol Handshake
Server: nginx
Date: Tue, 21 Nov 2023 07:34:20 GMT
Connection: upgrade
Upgrade: websocket
WebSocket-Origin: localhost
WebSocket-Location: ws://localhost:12345/websocket/websocket
Sec-WebSocket-Accept: pjH5a/UWu+7ZJ2aqosooxbBmzF8=

usply.shop/css/default.css

204.44.92.195

200 OK

95676

URL GET HTTP/2

usply.shop/css/default.css
IP

204.44.92.195:443
ASN

#8100 ASN-QUADRANET-GLOBAL

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectuspxv.shop

FingerprintE9:90:3E:6B:CC:27:C7:95:D1:F9:BC:DE:19:39:7A:E2:AB:4A:4F:CD

ValidityWed, 15 Nov 2023 11:28:01 GMT - Tue, 13 Feb 2024 11:28:00 GMT

Magic

ASCII text

Size

95676
Hash

d27e915c4c1bf557699170e2a5f24368

d5a1c5b5cd7cb3446fe74ee27040e85dcafcd1b0

5fe6b42ae13a161663373634245e6e2119bccf7f1da46bddc378098447db5226

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service

HTTP Headers

                                        GET /css/default.css HTTP/1.1
Host: usply.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Cookie: PHPSESSID=c09cbvrpmebaqstdur8o5gfeh8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: nginx
date: Tue, 21 Nov 2023 07:34:21 GMT
content-type: text/css
last-modified: Sat, 28 Oct 2023 21:24:40 GMT
vary: Accept-Encoding
etag: W/"653d7c18-175bc"
expires: Tue, 21 Nov 2023 19:34:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/mavenpro/v25/7Auup_AqnyWWAxW2Wk3swUz56MS91Eww8Rf21nejpBh8CvRBOA.woff

216.58.207.227

200 OK

12580

URL GET HTTP/2

fonts.gstatic.com/s/mavenpro/v25/7Auup_AqnyWWAxW2Wk3swUz56MS91Eww8Rf21nejpBh8CvRBOA.woff
IP

216.58.207.227:443
ASN

#15169 GOOGLE

Requested by

https://usply.shop/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD

ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

Magic

Web Open Font Format, TrueType, length 12580, version 1.1\012- data

Size

12580
Hash

c329e5a724e3c186353c4af3a0f791ed

064959ddf1f461974203b7cc61cb168c10a78287

fc9e259669117b3e2c814392798e23871961db27b54ef88731aae886f5c4f58d

HTTP Headers

                                        GET /s/mavenpro/v25/7Auup_AqnyWWAxW2Wk3swUz56MS91Eww8Rf21nejpBh8CvRBOA.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://usply.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 05:08:54 GMT
expires: Fri, 15 Nov 2024 05:08:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 03 Nov 2021 17:05:24 GMT
content-type: font/woff
age: 440727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fly.linkcdn.to/images/favicon.ico

0.0.0.0

URL GET

fly.linkcdn.to/images/favicon.ico
IP

0.0.0.0:0
ASN

#0

Requested by

https://usply.shop/
Certificate

IssuerLet's Encrypt

Subjectlinkcdn.to

Fingerprint3D:81:86:1C:1D:B6:90:42:7E:04:B6:C5:2F:A0:80:38:5A:17:97:15

ValidityWed, 08 Nov 2023 02:33:59 GMT - Tue, 06 Feb 2024 02:33:58 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /images/favicon.ico HTTP/1.1
Host: fly.linkcdn.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usply.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/3 200 OK
date: Tue, 21 Nov 2023 07:34:21 GMT
content-type: image/x-icon
last-modified: Mon, 15 Mar 2021 07:50:44 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
access-control-allow-origin: *
etag: W/"a4cedb09a224bfc2bb7d5c6c90d2c8fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5mfNiRhJS0JsV2i5NASafL8PX4_5uRi3bygwLSXelihCgU-ORZU6UA==
age: 5861
cache-control: max-age=16070400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGWFMJuhpOr63nTg08ifrre85n7qNT2z1rKLNaHIwqQLUOaNh3A5vyO%2BL7OxHQkIRATVmy04YxI%2BaOTpoP5bSIadDwC4%2BX2K%2BMd7yYDh101BVsQqxsI2MExGS089Q%2FUYQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82973ff35b8c568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

#1 JS:Script (size: 87532)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#2 JS:Script (size: 3003)

Introduced by

Inline HTML

Observations

Hash

#3 JS:Script (size: 963)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#4 JS:Script (size: 497)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#1 JS:Write (size: 46)

Observations

Hash

#2 JS:Write (size: 12)

Observations

Hash

#3 JS:Write (size: 0)

Observations

Hash

#4 JS:Write (size: 33)

Observations

Hash

#5 JS:Write (size: 11)

Observations

Hash

#6 JS:Write (size: 53)

Observations

Hash

#7 JS:Write (size: 71)

Observations

Hash

#8 JS:Write (size: 60)

Observations

Hash