Report - rthe.top/

Report Overview

Submitted URL
rthe.top/
IP
155.94.154.11
ASN
#8100 ASN-QUADRANET-GLOBAL
Submitted
2022-12-08 12:21:52
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - US Postal Service

Detections

urlquery
99
Network Intrusion Detection
0
Threat Detection Systems
244

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.114.208
fast.fonts.net	2905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	843 B	104.17.225.78
tools.usps.com	12881	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	1.3 kB	192.229.221.165
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
rthe.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	32 kB	332 kB	155.94.154.11
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.4 kB	93.184.220.29
www.usps.com	11794	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	81 kB	192.229.221.165
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.33.119.27
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service
2022-12-07	medium	rthe.top/	United States Postal Service

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	rthe.top/	Phishing
2022-12-08	medium	rthe.top/	Phishing
2022-12-08	medium	rthe.top/assets/OneLinkUsps.js	Phishing
2022-12-08	medium	rthe.top/assets/header-init-search.js	Phishing
2022-12-08	medium	rthe.top/assets/megamenu-additions.js	Phishing
2022-12-08	medium	rthe.top/assets/megamenu.js	Phishing
2022-12-08	medium	rthe.top/assets/ge-login.js	Phishing
2022-12-08	medium	rthe.top/assets/hamburger.svg	Phishing
2022-12-08	medium	rthe.top/assets/logo_mobile.svg	Phishing
2022-12-08	medium	rthe.top/assets/tracking.svg	Phishing
2022-12-08	medium	rthe.top/assets/metrics-all.js	Phishing
2022-12-08	medium	rthe.top/assets/mailman.svg	Phishing
2022-12-08	medium	rthe.top/assets/optimize.js	Phishing
2022-12-08	medium	rthe.top/assets/location.svg	Phishing
2022-12-08	medium	rthe.top/assets/require-jquery.js	Phishing
2022-12-08	medium	rthe.top/assets/helpers.js	Phishing
2022-12-08	medium	rthe.top/assets/search-fe.js	Phishing
2022-12-08	medium	rthe.top/assets/stamps.svg	Phishing
2022-12-08	medium	rthe.top/assets/schedule_pickup.svg	Phishing
2022-12-08	medium	rthe.top/assets/calculate_price.svg	Phishing
2022-12-08	medium	rthe.top/assets/jquery.min.js(1).download	Phishing
2022-12-08	medium	rthe.top/assets/resize-manager.js	Phishing
2022-12-08	medium	rthe.top/assets/find_zip.svg	Phishing
2022-12-08	medium	rthe.top/assets/holdmail.svg	Phishing
2022-12-08	medium	rthe.top/assets/change_address.svg	Phishing
2022-12-08	medium	rthe.top/assets/po_box.svg	Phishing
2022-12-08	medium	rthe.top/assets/free_boxes.svg	Phishing
2022-12-08	medium	rthe.top/assets/modernizr.js	Phishing
2022-12-08	medium	rthe.top/assets/featured_clicknship.svg	Phishing
2022-12-08	medium	rthe.top/assets/logo-sb.svg	Phishing
2022-12-08	medium	rthe.top/assets/require.js	Phishing
2022-12-08	medium	rthe.top/assets/jquery-3.5.1.js	Phishing
2022-12-08	medium	rthe.top/assets/search.svg	Phishing
2022-12-08	medium	rthe.top/assets/jquery.min.js	Phishing
2022-12-08	medium	rthe.top/assets/jquery-3.2.1.js	Phishing
2022-12-08	medium	rthe.top/global-elements/header/images/utility-header/mailman.svg	Phishing
2022-12-08	medium	rthe.top/global-elements/header/images/package-intercept.svg	Phishing
2022-12-08	medium	rthe.top/global-elements/header/images/schedule-redelivery.svg	Phishing
2022-12-08	medium	rthe.top/global-elements/header/images/icon-personalize-stamped-envelopes.svg	Phishing
2022-12-08	medium	rthe.top/assets/optimize.js	Phishing
2022-12-08	medium	rthe.top/images/nav-red-chevron.svg	Phishing
2022-12-08	medium	rthe.top/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2	Phishing
2022-12-08	medium	rthe.top/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2	Phishing
2022-12-08	medium	rthe.top/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2	Phishing
2022-12-08	medium	rthe.top/assets/jquery.min.js(1).download	Phishing
2022-12-08	medium	rthe.top/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff	Phishing
2022-12-08	medium	rthe.top/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff	Phishing
2022-12-08	medium	rthe.top/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff	Phishing
2022-12-08	medium	rthe.top/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf	Phishing
2022-12-08	medium	rthe.top/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf	Phishing
2022-12-08	medium	rthe.top/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	rthe.top/assets/ge-login.js	9.3 kB	2023-03-07	2024-04-17
Pretty URL rthe.top/assets/ge-login.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-04-17 18:24:11 Times Seen1127 Hash 252bc5d05d5ac9f132978968489a9b37 49cfe0b8d8d08038bf070f11addd9ab53c9ae67e 12de71624f55c7c5e1f462fdfde80f207c449f478917d21c82e65f5b9672cbfd Loading...

	rthe.top/assets/metrics-all.js	11 kB	2023-03-07	2024-04-17
Pretty URL rthe.top/assets/metrics-all.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-04-17 18:24:10 Times Seen1224 Hash 65ab5df156a2a51b278f9967fc154f28 db841daeeb75283b73216a616f52489f6f3bebc3 c7a923623e0ef6cf3ec2c4afa6b3f757ee1f183ac9503e7295629fff50a27597 Loading...

	rthe.top/assets/require.js	17 kB	2023-03-08	2023-06-05
Pretty URL rthe.top/assets/require.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:59:32 Last Seen2023-06-05 03:01:51 Times Seen15 Hash 387f3c7fb7d2c660a18ae5d9875f311f 1e07462974a1596eff2a3b538482ee70f1638815 ea5e205cdfcbed0d2bac39776930c2d264fee3cd50d6f7deef4401c4321973ff Loading...

	rthe.top/assets/header-init-search.js	904 B	2023-03-07	2024-04-18
Pretty URL rthe.top/assets/header-init-search.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 06:14:36 Times Seen6677 Hash d8cb563907e68e9649948c6f521efe60 f5b7cf8123929db8162a2af51d07dd11c21fbac3 fd1e9eadb5698c1bc534ef8a75303b3b67f5e1ab7d1b217b27b09da42aa5036a Loading...

	www.usps.com/global-elements/lib/script/helpers.js	695 B	2023-03-07	2024-04-18
Pretty URL www.usps.com/global-elements/lib/script/helpers.js IP 192.229.221.165 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 06:14:36 Times Seen9078 Hash 5372347b4f98f60b33579180ef6a3567 02064f1641c40b35c14a0da9ee310de54ff76cd5 7fa317b049ed33139394313aba29f27b7f11a226270bf10ce1c26d674c0177e4 Loading...

	rthe.top/	71 B	2023-03-08	2024-01-30
Pretty URL rthe.top/ IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:01:10 Last Seen2024-01-30 04:41:13 Times Seen14 Hash 604d12b864b8b36b28fc8e882227adc3 2603cc3e1564b73f12d7ebd4b27fdc29e8371792 788807357821d1d0732dec06a00f0520e986e8c6a235121bde272cce39ee3ab2 Loading...

	rthe.top/assets/megamenu.js	14 kB	2023-03-07	2024-04-17
Pretty URL rthe.top/assets/megamenu.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-17 18:24:11 Times Seen3806 Hash f91cb845e3581dd07e23db07e02c2366 ffb9ee2cad8c59914fcc3000ba8153a167036738 df75a5a617c9d258b4127a64b9c19a4c2c8b95b2036b97530a3d513c672cf110 Loading...

	rthe.top/assets/modernizr.js	11 kB	2023-03-08	2023-10-16
Pretty URL rthe.top/assets/modernizr.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:59:32 Last Seen2023-10-16 14:19:26 Times Seen19 Hash fc1e43b33cc75d5cdfdb701a29f94055 f9565bb68af047675e8eb983ad4ffb446461e603 31c7f589cf2be9cc7ca605ea009a0163763367923da67601da4529e38d0657b0 Loading...

	rthe.top/assets/jquery.min.js	85 kB	2023-03-08	2023-10-16
Pretty URL rthe.top/assets/jquery.min.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:59:32 Last Seen2023-10-16 14:19:26 Times Seen22 Hash 9472811687663792a5c9aef8ca6ce7ef d69f14037db316f37ea79f8a40d5da4af11043bb 9f40ab6d8d22d8707f996e44de7af3ed80112d5d35a2e365fa4cd65918592bb1 Loading...

	rthe.top/assets/jquery-3.2.1.js	87 kB	2023-03-07	2024-04-18
Pretty URL rthe.top/assets/jquery-3.2.1.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:24 Last Seen2024-04-18 23:07:08 Times Seen2179 Hash 473957cfb255a781b42cb2af51d54a3b 67bdacbd077ee59f411109fd119ee9f58db15a5f 75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35 Loading...

	rthe.top/assets/OneLinkUsps.js	3.6 kB	2023-03-07	2024-04-18
Pretty URL rthe.top/assets/OneLinkUsps.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 06:14:36 Times Seen6038 Hash b60628830a1d34363f98c9443b856555 ba386fdd91d2db7fb6749982caa78bef59028077 68482663e769a15815d142d88f7a4d8105c02fe2bd37a9899a019b518f17a2b3 Loading...

	www.usps.com/global-elements/header/script/search-fe.js	2.3 kB	2023-03-07	2024-04-18
Pretty URL www.usps.com/global-elements/header/script/search-fe.js IP 192.229.221.165 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 06:14:36 Times Seen8113 Hash f7f70265f5cf47386622e433317412cb e1b28284e51c848685c7ea6d19ff551284c58e8a 766a3dfb7dab82af4fae555132f7fdbacb7d167f17015fbb23c9591daaaf698b Loading...

	rthe.top/assets/resize-manager.js	1.0 kB	2023-03-07	2024-04-18
Pretty URL rthe.top/assets/resize-manager.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 06:14:36 Times Seen8837 Hash 90d8fb00194d91e9dd20281817c285d6 e7e37421b14a39e0d3787988a52a45d27ec3761f 479b585bb1f3ca011746467c115b58ca0cd6ac62aa68c9d953635b3344953887 Loading...

	rthe.top/assets/megamenu-additions.js	1.3 kB	2023-03-07	2024-04-18
Pretty URL rthe.top/assets/megamenu-additions.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 06:14:36 Times Seen6018 Hash 847cc8bd91110ff714275c5a29fbd404 cff690cc070f9539cc1c325ed150b819018e8df7 a33554bd04b3364c1e47b719799ae0df426bb17f9c8ec422bb346227534ebdbd Loading...

	rthe.top/	829 B	2023-03-08	2024-01-30
Pretty URL rthe.top/ IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:01:10 Last Seen2024-01-30 04:41:13 Times Seen14 Hash aae0894ae77a61c016b65d8b11772942 b9d5e2dfc7cb271835b1b7103485f0ee304012ce 91e52cf83e2940e7ed8e080edceeb8cdb827fdd2fc80669dbd123b3bf87f4372 Loading...

	www.usps.com/global-elements/lib/script/require-jquery.js	74 B	2023-03-07	2024-04-18
Pretty URL www.usps.com/global-elements/lib/script/require-jquery.js IP 192.229.221.165 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 06:14:36 Times Seen9102 Hash ea38e8196b75d9720bc3902d6d735130 165284464c58d7f213c1211f2c433873299e4527 cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9 Loading...

	rthe.top/assets/search-fe.js	2.2 kB	2023-03-07	2024-04-17
Pretty URL rthe.top/assets/search-fe.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-04-17 18:24:11 Times Seen1528 Hash 418d20c9da7f39976dcd043467cd9c05 242c058aa62349fe3fa781ce9ef622f882c73d6a 55bf60330b23f3982e77dd63d9796997da15a61bddec70142f2c7eefed880c66 Loading...

	rthe.top/assets/jquery-3.5.1.js	90 kB	2023-03-07	2024-04-18
Pretty URL rthe.top/assets/jquery-3.5.1.js IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 06:14:36 Times Seen12820 Hash 9ac39dc31635a363e377eda0f6fbe03f 29fa5ad995e9ec866ece1d3d0b698fc556580eee 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38 Loading...

	rthe.top/	157 B	2023-03-08	2023-03-08
Pretty URL rthe.top/ IP 155.94.154.11 ASN #8100 ASN-QUADRANET-GLOBAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:06:41 Last Seen2023-03-08 23:12:41 Times Seen1 Hash 541c4faf9f0d522ea07c90a1a54daa1a c67b94aabe0aa222c4b8cf2f3f3569e0ff8c58a4 ff7d595cd6470ab90bce0e7ca6827a898c4930fe208dfd9ac395434dd03bad3c Loading...

HTTP Transactions (123)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5222
Expires: Thu, 08 Dec 2022 13:48:43 GMT
Date: Thu, 08 Dec 2022 12:21:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2981
Expires: Thu, 08 Dec 2022 13:11:22 GMT
Date: Thu, 08 Dec 2022 12:21:41 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 12:08:12 GMT
content-type: application/json
age: 809
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2646
Expires: Thu, 08 Dec 2022 13:05:47 GMT
Date: Thu, 08 Dec 2022 12:21:41 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: BtLMrz3t2SNkXM/kwjBqhvSlxlTWX0bUZoX1SwVPD/ISXCD9V4g6Zl4ucig7gqjBkvc7E2ayfFw=
x-amz-request-id: HEBDAYZ3YR59HDCZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 11:49:46 GMT
age: 1915
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

rthe.top/

155.94.154.11

301 Moved Permanently

283 B

URL HTTP/1.1
rthe.top/
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
283 B (283 bytes)
Hash
2362e3c3e40daddd14da0acb6ed710e7
ce8b621a4687ca5d44c420e68401c651dad7f293
435799ad314d198d5514c8a6308cc4779b152b789bd6ea9cd26a20eccc2be07b

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 12:21:41 GMT
Server: Apache
Location: https://rthe.top/
Content-Length: 283
Connection: close
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 12:21:41 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 12:07:55 GMT
age: 827
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1374b1eda94c776c9efd1ee1f8a9c752
b1b0dc6b2cbb850e19683f3e64027afe78445185
6a41337060f612f80051f767ee1304375e3991d438822676b3731ea0cecbb2b8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A41337060F612F80051F767EE1304375E3991D438822676B3731EA0CECBB2B8"
Last-Modified: Wed, 07 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Thu, 08 Dec 2022 18:21:28 GMT
Date: Thu, 08 Dec 2022 12:21:42 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 572
Cache-Control: max-age=161682
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:21:42 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:16:24 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

rthe.top/

155.94.154.11

200 OK

9.7 kB

URL HTTP/2
rthe.top/
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (984), with CRLF, LF line terminators
Size
9.7 kB (9746 bytes)
Hash
cbb24dade2d6d55d0db0f288b5fb7641
006ed5e3eaab9e88281401c76c3a9ec84a7230cd
eca6b4f10eb80274cfd1668ae47e699ac6d445d5cb7652fc39f2bf5cc2ef83c8

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 9746
content-type: text/html; charset=UTF-8
date: Thu, 08 Dec 2022 12:21:42 GMT
server: Apache
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.163.114.208

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.114.208:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FDw2kzUrGRMzmL1QynCxfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PQKLzlugmjwNxEWVvMM7XocvGhE=

rthe.top/assets/footer.css

155.94.154.11

200 OK

974 B

URL HTTP/2
rthe.top/assets/footer.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (2933), with no line terminators
Size
974 B (974 bytes)
Hash
b611fdf100b35a33f41b3ce5481140ea
6a1dbe40f2e5794b049429f90704e654202e9c6a
7d9057f5e50850fcf2328dc405d8ee26149524f4afcbaf419f83e0b3e7aa52a9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/footer.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "b75-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 974
content-type: text/css
date: Thu, 08 Dec 2022 12:21:42 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/calendar.css

155.94.154.11

200 OK

2.6 kB

URL HTTP/2
rthe.top/assets/calendar.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (14589), with no line terminators
Size
2.6 kB (2579 bytes)
Hash
08db95a016165b8d14a144668b7e064a
92d6357bc5733087226e84420a95a6d40f9662e1
25afbe8a97386e1a035d5f7110657ba82542d0674d774639a9a43876512680a8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/calendar.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "38fd-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2579
content-type: text/css
date: Thu, 08 Dec 2022 12:21:42 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/bootstrap.min.css

155.94.154.11

200 OK

20 kB

URL HTTP/2
rthe.top/assets/bootstrap.min.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (65367), with CRLF line terminators
Size
20 kB (19697 bytes)
Hash
fb321e216c5aaffae3122d5acabd1201
2082842c83dd1806a6fde2654f93ac777b943735
82da02c22cdfe1f7d833481b1b6599653ae8ef50faccbddebfd1daffbd66a739

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/bootstrap.min.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "1d907-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 19697
content-type: text/css
date: Thu, 08 Dec 2022 12:21:42 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/tracking-cross-sell.css

155.94.154.11

200 OK

1.0 kB

URL HTTP/2
rthe.top/assets/tracking-cross-sell.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (3075), with no line terminators
Size
1.0 kB (1048 bytes)
Hash
797100b379ef4b459b884be14bbb6e4f
0683d9a3ead422cbf0e163d0ae0d61e51d6f1236
bbf22e1882686844926ae028f381e94def083d8b511f80edc3cfb5d8ccfa781f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/tracking-cross-sell.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "c03-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1048
content-type: text/css
date: Thu, 08 Dec 2022 12:21:42 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/datepicker3.css

155.94.154.11

200 OK

2.4 kB

URL HTTP/2
rthe.top/assets/datepicker3.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (20872), with CRLF line terminators
Size
2.4 kB (2427 bytes)
Hash
a4d56823788b23b642e101b4fb01a6d3
07b5966754817381bb23fd1551cacbfa0d52a835
505281ab1095953c21617f83a544674471b731e1237f3bee4989338a3b650d7f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/datepicker3.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "5283-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2427
content-type: text/css
date: Thu, 08 Dec 2022 12:21:42 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/schedule-redelivery.css

155.94.154.11

200 OK

4.7 kB

URL HTTP/2
rthe.top/assets/schedule-redelivery.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (23038), with no line terminators
Size
4.7 kB (4697 bytes)
Hash
7083e43ac731afa1f12fc1ccd3c73041
338ebbbf9236f1f96ee0bf5e6d7a09a2b6ba7c37
0904b54d0a25d43cc0e642c3e8a265ec388db2684af6f28c28cfcc6fa7f037c1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/schedule-redelivery.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "59fe-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4697
content-type: text/css
date: Thu, 08 Dec 2022 12:21:42 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/jquery-ui.min.css

155.94.154.11

200 OK

7.9 kB

URL HTTP/2
rthe.top/assets/jquery-ui.min.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (29153), with CRLF line terminators
Size
7.9 kB (7869 bytes)
Hash
770266d7d40da4ad1a7b171b6d167346
f8893a9442af6605400881396fe06f56c93bd23f
b74ed12758ecf80f0ee74d841fbe5beabec873ab3b66e98bfd893983fb0eee96

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/jquery-ui.min.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "7d19-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7869
content-type: text/css
date: Thu, 08 Dec 2022 12:21:42 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/main.css

155.94.154.11

200 OK

13 kB

URL HTTP/2
rthe.top/assets/main.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (49380), with CRLF line terminators
Size
13 kB (13316 bytes)
Hash
0629df515c3337dd9f74dc8f0e4f0e79
8cd4de7ede879ded247fdae4e460cd8081512c78
f2f809ebd86c9a6585d94e104b4fc9abdeb58e855c5a0a3b1c39109c9c1821cb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/main.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "1370f-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13316
content-type: text/css
date: Thu, 08 Dec 2022 12:21:42 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/custom/express_style.css

155.94.154.11

200 OK

1.3 kB

URL HTTP/2
rthe.top/assets/custom/express_style.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with CRLF line terminators
Size
1.3 kB (1334 bytes)
Hash
69ff6961bcbdb786b7534215a6fcb0f8
7e8428cec14ee1b7d87326239b744e00e4b08c40
cad1eb77103ee3f636551922509c556de97330243908243df7378e0e8981c5d4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/custom/express_style.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "10be-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1334
content-type: text/css
date: Thu, 08 Dec 2022 12:21:42 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/megamenu-v2.css

155.94.154.11

200 OK

6.9 kB

URL HTTP/2
rthe.top/assets/megamenu-v2.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (44725), with no line terminators
Size
6.9 kB (6934 bytes)
Hash
cdb0b5a380d76f89923182936ea8add4
3953994e68f4d835d930763240beeb62f6f55ab3
0a0198fb984febee0fa81c24e6de5b11439e27dc87428c647213f7d505da1174

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/megamenu-v2.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "aeb5-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6934
content-type: text/css
date: Thu, 08 Dec 2022 12:21:42 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
fd691684d08035e788b23a114357a845
8ea4ac463b8e1a204fb87b285a7493e82422d29f
4209193e6657347d79a63b8ca27ebf20e0d41ba6bb6bc747304c64235135d886

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5557
Cache-Control: max-age=120219
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:21:43 GMT
Etag: "6390f3bd-117"
Expires: Fri, 09 Dec 2022 21:45:22 GMT
Last-Modified: Wed, 07 Dec 2022 20:12:45 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279

fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0

104.17.225.78

200 OK

0 B

URL HTTP/2
fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
IP
104.17.225.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 12:21:43 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: T0ZH1hXNoB6jtguc1LneBuShAW+pnL1xXkATYgstf9s/Ek+CPWrz2AkHZOlSFb4Uzx1M4Yl24Z8=
x-amz-request-id: PR33JFF0ZQ6CYPJT
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 452956
accept-ranges: bytes
set-cookie: __cf_bm=0pKd5DdEkS.1jshbW5n_lyTfCRA752W2_e6bWLWUoUI-1670502103-0-Ae6j39V4hwmxXOqO0RQ7qwVdRKXBLBJmbKOs9WN+jsu0O70jwr4vHBDIaAVq/umPqqYYWkfm0z/+SqYzP45tVHE=; path=/; expires=Thu, 08-Dec-22 12:51:43 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 77657660c8120b69-OSL
X-Firefox-Spdy: h2

rthe.top/assets/footer-sb.css

155.94.154.11

200 OK

948 B

URL HTTP/2
rthe.top/assets/footer-sb.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (3179), with CRLF line terminators
Size
948 B (948 bytes)
Hash
f3acd9a18becfb87676e409420d5a927
93725131bbdc90c3f69c03b885e4cad0ff0f6700
cef7622380ea31cdcbfbb1dd95a85919ccdfef03945534aa620d9c0a8f5b1b8b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/footer-sb.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "c6d-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 948
content-type: text/css
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/OneLinkUsps.js

155.94.154.11

200 OK

1.1 kB

URL HTTP/2
rthe.top/assets/OneLinkUsps.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1067 bytes)
Hash
eb0bb187b7bffe4cb376b1e1b16fc7f5
819a3650aaf6498d89dbab4803d8857f34fd888a
2f0451d1ef71661fc4088dde8d5598024e9e8e969b95c6c7d018566513d7c928

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/OneLinkUsps.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "e37-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1067
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/main-sb.css

155.94.154.11

200 OK

2.8 kB

URL HTTP/2
rthe.top/assets/main-sb.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (8795), with CRLF line terminators
Size
2.8 kB (2804 bytes)
Hash
1dc4005b2360468b7b7e229516801921
ab2c4f75d79db1c5810fe1942936cb24aabbe1ce
9e500b4c94485ed27295777b75e0ef325189b8d929e695e7bdc7728527b4b9df

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/main-sb.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "225d-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2804
content-type: text/css
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/header-init-search.js

155.94.154.11

200 OK

333 B

URL HTTP/2
rthe.top/assets/header-init-search.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with CRLF line terminators
Size
333 B (333 bytes)
Hash
9673ae677904a3355314af8be4df2483
e6458d61b4d532f9d6b3574f3ad525820fc14790
ea58539a8d67fbe400e5c6279a761239e34b0ebef65764bfd6cf14989b8a6140

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/header-init-search.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "388-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 333
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/qt.css

155.94.154.11

200 OK

9.9 kB

URL HTTP/2
rthe.top/assets/qt.css
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1599), with CRLF line terminators
Size
9.9 kB (9860 bytes)
Hash
b1d68e38020224c3275cee2431713dca
f96c35b60aecc723b2a304c2c6b930f8dbd5f7ef
0570491c969dd2f3e70c1a3b71c1a0448b2ebf977f75d73262be90e0b8e18f52

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/qt.css HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "c882-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9860
content-type: text/css
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/megamenu-additions.js

155.94.154.11

200 OK

530 B

URL HTTP/2
rthe.top/assets/megamenu-additions.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with CRLF line terminators
Size
530 B (530 bytes)
Hash
cc9e399d7dba7d353f80760d5e2d020f
68520e86e59a63ed4a5582db884b4c13f93c30e4
75ac232e18210a0cf17e7ed41c0f118a7ba90924c659ec67560adba649bb4f1b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/megamenu-additions.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "541-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 530
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/megamenu.js

155.94.154.11

200 OK

3.0 kB

URL HTTP/2
rthe.top/assets/megamenu.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (3410), with CRLF line terminators
Size
3.0 kB (2994 bytes)
Hash
3e9f46871edb7da82c271e157123c697
4f1b9761c1319bc5ae4fdf9edf4de71dabbc9530
05824529af096f21d4870b4dc8e3c3616448ad99b3f02fcd46773b489bfbc520

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/megamenu.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "3651-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2994
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/ge-login.js

155.94.154.11

200 OK

2.6 kB

URL HTTP/2
rthe.top/assets/ge-login.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with CRLF line terminators
Size
2.6 kB (2617 bytes)
Hash
3efd893ccad05634ab2499059f5d446d
bf36caa117998cceece69a13813d7ce9a01fc49b
b61eaac6cf7662b171c27ac6cb59554e32f8c2d66a6988e192d67ed54228e20f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/ge-login.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "245d-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2617
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/hamburger.svg

155.94.154.11

200 OK

295 B

URL HTTP/2
rthe.top/assets/hamburger.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Size
295 B (295 bytes)
Hash
a056d2a67ca985210493530a528c8ef7
bcdec0870533a10ecd488e91481e13b3cbf39b63
91e4c26b078c3ffe89989a50af85b21b08a4e2a08b7d6db5cc9a67f7d8c66d02

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/hamburger.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "22d-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 295
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/logo_mobile.svg

155.94.154.11

200 OK

908 B

URL HTTP/2
rthe.top/assets/logo_mobile.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
908 B (908 bytes)
Hash
bd23bec0b762655a1f6245c929b8d424
640178557a946360d7a160acc1c4ea52ff313258
919beb8f1a11326db3f1464fd7b2ae92ec2061a3a7091ceeae8d8a1f5c8092ae

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/logo_mobile.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "80c-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 908
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/tracking.svg

155.94.154.11

200 OK

844 B

URL HTTP/2
rthe.top/assets/tracking.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
844 B (844 bytes)
Hash
df358064d9a3e5fdf09fb9cc04559199
fa3e1c6d16a1aa2c2a12fc7eaf39f8e84d08312c
0e984ade03c77408d3ec03bc8b027a67745a3534f37e8c55f72fd48e72289ce5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/tracking.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "619-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 844
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/metrics-all.js

155.94.154.11

200 OK

3.2 kB

URL HTTP/2
rthe.top/assets/metrics-all.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with CRLF line terminators
Size
3.2 kB (3215 bytes)
Hash
5bd74908cfaf25023eab69ff6325ebad
dd70974f298312d49d98a4e8066152d84cc92826
c5836d588801c67621ffecad7b9c99a1939be3c6ea9c442d74d12004b85d3438

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/metrics-all.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "2bde-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3215
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/mailman.svg

155.94.154.11

200 OK

903 B

URL HTTP/2
rthe.top/assets/mailman.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
903 B (903 bytes)
Hash
9fee84a7b8e4977be6f582e65d2aad2f
1f4a5111183554a19e4676c1a44fe9ee99681b23
a4e36bb3bfbc490e9d6a8aa7f74a78fe92f13e8849d0a4e93b60bf61180e2d79

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/mailman.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "738-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 903
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/optimize.js

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/assets/optimize.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/optimize.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/location.svg

155.94.154.11

200 OK

1.2 kB

URL HTTP/2
rthe.top/assets/location.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1209 bytes)
Hash
34a7de74809276c444c11adc2ee2548a
b5bbe7d68582af73cbeed0d626204c5e77498599
e1bcd09ac1d25e2966c793dad31851895239753f917ca753a6f04d508c41b760

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/location.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "a1a-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1209
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/require-jquery.js

155.94.154.11

200 OK

92 B

URL HTTP/2
rthe.top/assets/require-jquery.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with no line terminators
Size
92 B (92 bytes)
Hash
6ce214c362fc1910a6ccda7dde4f1628
a3c400aa0daaa3a2f5b285feccb369e35b486a89
20c4e055502233d4088725a990c6d26894639753e810ae967bfa21915ea61be7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/require-jquery.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "4a-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 92
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/helpers.js

155.94.154.11

200 OK

358 B

URL HTTP/2
rthe.top/assets/helpers.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (695), with no line terminators
Size
358 B (358 bytes)
Hash
2fc1a84aa717ba9ca2584c632d0bfb42
e3f89c1d5741bd85f5b20923a71a53115d0aa6b4
faac3ddb5c8775e66d1d0d3fa7f81695abe17c196589f02d31cd1bc9e91fcac3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/helpers.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "2b7-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/search-fe.js

155.94.154.11

200 OK

912 B

URL HTTP/2
rthe.top/assets/search-fe.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (2235), with no line terminators
Size
912 B (912 bytes)
Hash
fc888dcbfa3def650e24177230959bf7
924d1550865e34c9bf7948b60f13bd2901257f96
988300b681f9befd23f6cad2858c0eaf800ed4d085bdf37bc272b1f95afb3ce3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/search-fe.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "8bb-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 912
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/stamps.svg

155.94.154.11

200 OK

551 B

URL HTTP/2
rthe.top/assets/stamps.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
551 B (551 bytes)
Hash
473959a921d63844bfca913bdd647b86
0c3dcff1f1590f7e849a243024bbf750334f27c7
1e96b78b600d7a126ce207ba09b15fc7d139d27f3da90cdaf2cbf9c3a7c13f67

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/stamps.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "44f-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 551
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/schedule_pickup.svg

155.94.154.11

200 OK

923 B

URL HTTP/2
rthe.top/assets/schedule_pickup.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
923 B (923 bytes)
Hash
6e782ed8ead72b9c2b30eb8ea98187ec
6a3fa08e1d9337920d087bbc7a959b9d4d326898
933ea7499f489e16c2a30f006945636869ddc2b47bb330fb2fec0f57c44939c0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/schedule_pickup.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "6ef-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 923
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/calculate_price.svg

155.94.154.11

200 OK

772 B

URL HTTP/2
rthe.top/assets/calculate_price.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
772 B (772 bytes)
Hash
7da320f36dbec5db0155f8acf3c3e01f
0992c0aea45598de82500c3355a8592de1dbf1b2
f24aada878541d572bbe98fd32775e988625e502d12a0f02de7912347812ed8c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/calculate_price.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "8fe-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 772
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/jquery.min.js(1).download

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/assets/jquery.min.js(1).download
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/jquery.min.js(1).download HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/resize-manager.js

155.94.154.11

200 OK

468 B

URL HTTP/2
rthe.top/assets/resize-manager.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (1040), with no line terminators
Size
468 B (468 bytes)
Hash
c3b3701e4d93d1bd2e169501de0388d8
67ac4802c71a748fc8cd2d4e847dd423029fc61a
7fce227383dd0cbd23ae0fe59344a713851b2d6d3f590b59ea192926448ec589

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/resize-manager.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "410-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 468
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/find_zip.svg

155.94.154.11

200 OK

793 B

URL HTTP/2
rthe.top/assets/find_zip.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
793 B (793 bytes)
Hash
7138d9e048926785f5a7609e6af8b5ff
891564b452b04a8762af39bab5db29319b793b71
f115211fc7a8c69e069820271283f2cf84c3e071e050bbc44778d7e15b8c4e4f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/find_zip.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "5bf-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 793
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/holdmail.svg

155.94.154.11

200 OK

768 B

URL HTTP/2
rthe.top/assets/holdmail.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
768 B (768 bytes)
Hash
105347570302f32dbda804910de6cbd6
28bb230d50c51c108fdd3f2276d0e8fa2ca1bd82
1906c7cbea0ffb86914aaff0f63b344ce036c5fa0bdd25d7e898b24f07ee2de8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/holdmail.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "5a8-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 768
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/change_address.svg

155.94.154.11

200 OK

935 B

URL HTTP/2
rthe.top/assets/change_address.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
935 B (935 bytes)
Hash
8b5a8192d6d9bab07ba9363d48031e8d
9bfb0814d54c9e35c66f3b6231ab6662a2596b20
b5f023b16827792c716e84ed62f9dbe1b87bf68bf3052ab20ab82ccd4ac4b2ac

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/change_address.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "74d-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 935
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/po_box.svg

155.94.154.11

200 OK

848 B

URL HTTP/2
rthe.top/assets/po_box.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
848 B (848 bytes)
Hash
1d88a7c92e6c58ab328fb0f274d71799
dfc51974e2f17968b8e7e86e2ac8496735fbfce1
b10c2e5eb3a7281e8bd0f21c6bcdbf8b6a593e3ec063242e98ac465d53d353ac

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/po_box.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "667-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 848
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/free_boxes.svg

155.94.154.11

200 OK

643 B

URL HTTP/2
rthe.top/assets/free_boxes.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
643 B (643 bytes)
Hash
40b492a5e65c0654e8b162cad3795475
1d89fce0b15dfb9e85b171a98dfd7701336ec363
f95845daaef3450ec7b6d0d14a6f9125cef5552e4fae068338512924a27a76c5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/free_boxes.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "42a-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 643
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/modernizr.js

155.94.154.11

200 OK

4.6 kB

URL HTTP/2
rthe.top/assets/modernizr.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document, ASCII text, with very long lines (11084), with CRLF line terminators
Size
4.6 kB (4630 bytes)
Hash
8f86553c5510c1ce5e10be0e637975da
8e36b22d134efe178745470eebe8406d75bd606c
749913304986cf0066657d9b8b548aace331a29356679d6fee71612157141fde

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/modernizr.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "2c04-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4630
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/featured_clicknship.svg

155.94.154.11

200 OK

493 B

URL HTTP/2
rthe.top/assets/featured_clicknship.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Size
493 B (493 bytes)
Hash
b93c4c39b88fca2acefa761a420a96e3
bf6507826fae68fd0c9bab378ebad29d32f00465
7f343f565aa96c3ae50cfd1180d0583b043e6d233326da227a0695afee85c6df

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/featured_clicknship.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "436-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 493
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/logo-sb.svg

155.94.154.11

200 OK

1.6 kB

URL HTTP/2
rthe.top/assets/logo-sb.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.6 kB (1610 bytes)
Hash
c8cd694091256e9e622db809e3604157
0876363e046c8fd1cc641a74477847bca1e3f325
4c1f2d664fb8e66307932ba589cd6a50eaed3b33a300bd1aa51ec9014ebe5f5f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/logo-sb.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "de5-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1610
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/require.js

155.94.154.11

200 OK

6.5 kB

URL HTTP/2
rthe.top/assets/require.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (17192), with CRLF line terminators
Size
6.5 kB (6538 bytes)
Hash
9dece010ade1d34a9920237e9a528853
b7c932486a73efb8a9b39758c7217b69748a1ba1
c0299aeb8c42f75301ca7e3c940e18a3e4cf546f55660ae31c349674ca8b12a0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/require.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "4416-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6538
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/go-now(1).png

155.94.154.11

200 OK

8.0 kB

URL HTTP/2
rthe.top/assets/go-now(1).png
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (8026 bytes)
Hash
49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/go-now(1).png HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "1f5a-5ec97acbf7a80"
accept-ranges: bytes
content-length: 8026
content-type: image/png
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/jquery-3.5.1.js

155.94.154.11

200 OK

31 kB

URL HTTP/2
rthe.top/assets/jquery-3.5.1.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
31 kB (30913 bytes)
Hash
b975568f7eb9ecf41804cb1bbc96dfcc
4be3d286559ff9a84da23644dd863c15dc7a6a1d
4a65ef10076dbfe50ddf6396716410e744ed681c7b4a8c4f5fed42feca72f06f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/jquery-3.5.1.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "15d84-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30913
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

tools.usps.com/global-elements/header/images/utility-header/mailman.svg

192.229.221.165

200 OK

904 B

URL HTTP/2
tools.usps.com/global-elements/header/images/utility-header/mailman.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
904 B (904 bytes)
Hash
e4bb1afb6143cb1307585f007399e0e4
7d28cd35cbdb8427d4a12274c3f455e57f4742e0
06410c31087cff92e7842a2e6aaef3b5b114192f77e2b652283250fdca6d5e30

HTTP Headers

GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
age: 57443
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "723-55885af730a40+gzip"
last-modified: Wed, 06 Sep 2017 13:54:41 GMT
server: ECAcc (dcb/7311)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 904
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/location.svg

192.229.221.165

200 OK

1.2 kB

URL HTTP/2
www.usps.com/assets/images/home/location.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1209 bytes)
Hash
9d8433f178d5a7b839a8bf25552c62b0
c21cec68e524862992f4aa51bf6955b953a65112
d01cb5a23f9b7f4a0a3db27cfd3d90e3813e75ed498fdbabe4df3a859390bd4f

HTTP Headers

GET /assets/images/home/location.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 39870
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "a1a-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7F25)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1209
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/shipping-supplies.svg

192.229.221.165

200 OK

1.3 kB

URL HTTP/2
www.usps.com/test/nav/images/shipping-supplies.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.3 kB (1282 bytes)
Hash
7a8b39b328ba3e776e643f66844896e8
7a400d0f33c592651da919c728a30e46207a9449
05140d52bba76b4464360b852c3b78227cc2865c4512bf0010ee666f0c985f99

HTTP Headers

GET /test/nav/images/shipping-supplies.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 39874
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "9f8-560f10eaa9b40+gzip"
last-modified: Fri, 22 Dec 2017 17:22:13 GMT
server: ECAcc (dcb/731F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1282
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/stamps.svg

192.229.221.165

200 OK

551 B

URL HTTP/2
www.usps.com/assets/images/home/stamps.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
551 B (551 bytes)
Hash
780aa534eb1541ac0834489beafdeea2
2593cddb6c1b7505016d3c1138e16ff556e42166
c2a1858fe0517c4c928dad150f22710f1771c1b43b92b79ceb0b20e44db61ee8

HTTP Headers

GET /assets/images/home/stamps.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 14076
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "44f-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7EC4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 551
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/find_zip.svg

192.229.221.165

200 OK

793 B

URL HTTP/2
www.usps.com/assets/images/home/find_zip.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
793 B (793 bytes)
Hash
4b74917936300819402d564909e39a34
82c09f9b1fa78724d4843b28f12c52e8bb218f2a
d7178ea719cbe6f11c5da374dc26908b1ad0d05d34a33cd6e6d701f5e05c209b

HTTP Headers

GET /assets/images/home/find_zip.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 39682
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "5bf-5494e7ed94c00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:08 GMT
server: ECAcc (dcb/7ECC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 793
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/schedule_pickup.svg

192.229.221.165

200 OK

923 B

URL HTTP/2
www.usps.com/assets/images/home/schedule_pickup.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
923 B (923 bytes)
Hash
9f9e044f92360c82183e3a31b774e7b2
273798ee8d4dead89367b835cdb7f65f51e81b47
e4b7ae480aae11558a890826cde2cc6fa10039a787052dfc72cdad3e7a772373

HTTP Headers

GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 40247
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "6ef-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/732F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 923
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/gifts.svg

192.229.221.165

200 OK

590 B

URL HTTP/2
www.usps.com/test/nav/images/gifts.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
590 B (590 bytes)
Hash
e97f9908f9eef2a76ea4f48e00196980
f32d5a4b791567c690ea7095d93bec78e422db40
ad60c73a39b0fcd4b311654aab6f3954edb03f37034ad5567cf9f69d63d905f4

HTTP Headers

GET /test/nav/images/gifts.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 39951
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "3ee-560f10e9b5900+gzip"
last-modified: Fri, 22 Dec 2017 17:22:12 GMT
server: ECAcc (dcb/7378)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 590
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/po_box.svg

192.229.221.165

200 OK

848 B

URL HTTP/2
www.usps.com/assets/images/home/po_box.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
848 B (848 bytes)
Hash
a1feed192f3aca7fd02c00b6ee45bb07
fce52b953f90a873186cd2c3ddb26dcca41884be
88dcd2a8a6b055bf63763c0a86338f33b09a257c89e26a5ae6a364becf1ac122

HTTP Headers

GET /assets/images/home/po_box.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 40291
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "667-5494e7f259740+gzip"
last-modified: Fri, 24 Feb 2017 22:46:13 GMT
server: ECAcc (dcb/7FD5)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 848
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/tracking.svg

192.229.221.165

200 OK

844 B

URL HTTP/2
www.usps.com/assets/images/home/tracking.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
844 B (844 bytes)
Hash
04034bbe69ef912819cee070ff866703
2c96d71004568c2b460a7f8b796ae45ad89999ec
959755a6f38fb278acd6abb223db552ecf757c291f437149663009aafb83a181

HTTP Headers

GET /assets/images/home/tracking.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 56559
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "619-5494e7f71e280+gzip"
last-modified: Fri, 24 Feb 2017 22:46:18 GMT
server: ECAcc (dcb/7E95)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 844
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/search.svg

192.229.221.165

200 OK

795 B

URL HTTP/2
www.usps.com/assets/images/home/search.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
ccfe748c6040d78e356b03d1a731585e
3e15bb471b3c3d0a5cebc3ccd137b5daf9273b7e
9a1b75fecaa2e0de127c36ddbb63c1bc2c44b3f81eed395734dee1ce837162fe

HTTP Headers

GET /assets/images/home/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 39683
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "5b9-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7F4B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/change_address.svg

192.229.221.165

200 OK

935 B

URL HTTP/2
www.usps.com/assets/images/home/change_address.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
935 B (935 bytes)
Hash
6c6d11d6d4ad880538ac8b3c9b244e35
d2f5a684574f89a8bdac4ac35508dc29c61e9771
7d2bde4b550c48e86e4d1c6a106d195b5a259f74e2ceeab0772712d356ae7eb9

HTTP Headers

GET /assets/images/home/change_address.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 40342
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "74d-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/733A)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 935
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/calculate_price.svg

192.229.221.165

200 OK

772 B

URL HTTP/2
www.usps.com/assets/images/home/calculate_price.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
772 B (772 bytes)
Hash
42af7d5484bf8f80ac930313caa5941f
c3dbaf338d7fa81845487333c0cba5b8341bd140
f8f9b52e8d7b815deba988cfcdc6596e9e7b6671075907290c8e96679b18fb2c

HTTP Headers

GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 40312
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/7304)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/cards-and-envelopes.svg

192.229.221.165

200 OK

1.1 kB

URL HTTP/2
www.usps.com/test/nav/images/cards-and-envelopes.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1056 bytes)
Hash
5d63c3636efb2bbcb327ed13b714367b
c7e326811c101213173c2a585d1e9700731816ed
c63dd4b3239df8b0709202228ad62b9e06ec96c346d8f86f9e33a554973b795f

HTTP Headers

GET /test/nav/images/cards-and-envelopes.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 2154
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "8a9-560f10e8c16c0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:11 GMT
server: ECAcc (dcb/7F6F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1056
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/collectors.svg

192.229.221.165

200 OK

561 B

URL HTTP/2
www.usps.com/test/nav/images/collectors.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
561 B (561 bytes)
Hash
8439e88bd2e43656b157f9c184635032
ddcb40776177a5eac36973e53f2f8bab73e65ea3
5ea3f924c3453a9b8a3f79251377f385f83c8cf9618129427795adf186b9338e

HTTP Headers

GET /test/nav/images/collectors.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 40261
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "461-560f10f803ac0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:27 GMT
server: ECAcc (dcb/7FEB)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 561
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/holdmail.svg

192.229.221.165

200 OK

768 B

URL HTTP/2
www.usps.com/assets/images/home/holdmail.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
768 B (768 bytes)
Hash
2f40bbb9da0d97f2ba3f3efcfd7533af
34c76f88cdda4be234b58a76e466bc7a972f14ea
f1d176e77951f74582e7e311d99f98f7ce582bdb30051987f257eb3393ee2069

HTTP Headers

GET /assets/images/home/holdmail.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 40344
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "5a8-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7EFC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 768
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/featured_clicknship.svg

192.229.221.165

200 OK

493 B

URL HTTP/2
www.usps.com/assets/images/home/featured_clicknship.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Size
493 B (493 bytes)
Hash
efb53558ef3932a80523af92bdda2085
1a97f57d64bc76f296423e1ddbdba9bc71b6d754
f0a25ce9d4e04e6b12bfc528584d599d5e472238849b0e1c66ff5357058d38fe

HTTP Headers

GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 40394
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dcb/7F6B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/utility_languages.png

192.229.221.165

200 OK

1.5 kB

URL HTTP/2
www.usps.com/assets/images/home/utility_languages.png
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1456 bytes)
Hash
410956805d5701e87299cff412827e1a
5de9a390649dfc12e3d6df431140d499ad8abd67
6e727dbf5b0f4a3ec76762e445ad2c5cb750f7de41afb8b0342f903124d09826

HTTP Headers

GET /assets/images/home/utility_languages.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 40117
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "5b0-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7E8E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1456
X-Firefox-Spdy: h2

www.usps.com/global-elements/header/images/utility-header/search.svg

192.229.221.165

200 OK

795 B

URL HTTP/2
www.usps.com/global-elements/header/images/utility-header/search.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
78562ea313af96eca6581054fdbbc76c
b0f3fd320af131b3787b39c864ecac52de12a75e
7932a41ccc861366f60896fe808612a1361c85d654aef21c5d54f7673141c0a9

HTTP Headers

GET /global-elements/header/images/utility-header/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 39671
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "5b9-549b126599f40+gzip"
last-modified: Wed, 01 Mar 2017 20:28:05 GMT
server: ECAcc (dcb/7ECE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/business.svg

192.229.221.165

200 OK

689 B

URL HTTP/2
www.usps.com/test/nav/images/business.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
689 B (689 bytes)
Hash
3b81ef43fc5b08bab4155c5fed116dc9
a5a804fb2f8f51b3e588d4edb01752eba0380f8d
a513b0f2fb200e9cf7b30ccfbde98f79e87a027c256d99f3159ad22dcb5cc4cb

HTTP Headers

GET /test/nav/images/business.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 40288
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "4d2-560f10e7cd480+gzip"
last-modified: Fri, 22 Dec 2017 17:22:10 GMT
server: ECAcc (dcb/7FBE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 689
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/utility_customer_service.png

192.229.221.165

200 OK

1.3 kB

URL HTTP/2
www.usps.com/assets/images/home/utility_customer_service.png
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1307 bytes)
Hash
3500d365cd94527c71fe9c70d5cda435
0c7bede628d74cefaf5fce1b675c0ce3c72c78c9
34b28a24c5414dab68a15be6613536d905faf33fbf1aed8ee4702caa60be9bca

HTTP Headers

GET /assets/images/home/utility_customer_service.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 39785
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "51b-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7EB6)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1307
X-Firefox-Spdy: h2

rthe.top/assets/go-now.png

155.94.154.11

200 OK

20 kB

URL HTTP/2
rthe.top/assets/go-now.png
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20334 bytes)
Hash
d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/go-now.png HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "4f6e-5ec97acbf7a80"
accept-ranges: bytes
content-length: 20334
content-type: image/png
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/go-now(3).png

155.94.154.11

200 OK

20 kB

URL HTTP/2
rthe.top/assets/go-now(3).png
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19969 bytes)
Hash
6311ef7a60f86d77aa48fcc48a675a31
96bc8b2fe87b126ffbf0d7b7ad8419661cb6bd9c
70d715475fb0a4756fc65c50cbb2cf0ca15f7311efc6c54b18e045e6ab202251

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/go-now(3).png HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "4e01-5ec97acbf7a80"
accept-ranges: bytes
content-length: 19969
content-type: image/png
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/go-now(4).png

155.94.154.11

200 OK

22 kB

URL HTTP/2
rthe.top/assets/go-now(4).png
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22133 bytes)
Hash
22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/go-now(4).png HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "5675-5ec97acbf7a80"
accept-ranges: bytes
content-length: 22133
content-type: image/png
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/go-now(2).png

155.94.154.11

200 OK

27 kB

URL HTTP/2
rthe.top/assets/go-now(2).png
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (26972 bytes)
Hash
b596424d2e958b51d7a68b46cadb6855
77eeeff212b8cd75a31beb954907e20bc5f8c831
daaeb825e97d878d0b5d5dfce37a2dd592ac0e1c5b887e24705835442d317365

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/go-now(2).png HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "695c-5ec97acbf7a80"
accept-ranges: bytes
content-length: 26972
content-type: image/png
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/search.svg

155.94.154.11

200 OK

795 B

URL HTTP/2
rthe.top/assets/search.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
bc6bba680b71bc912c455bd5621c5720
d48c35dec62877452b6345daf910ceea514acc2f
1204068f265bc491b31eb55cd585ab507116877de4d4d5abc0e613824cbc00b0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/search.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "5b9-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 795
content-type: image/svg+xml
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/jquery.min.js

155.94.154.11

200 OK

30 kB

URL HTTP/2
rthe.top/assets/jquery.min.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (65452), with CRLF line terminators
Size
30 kB (29616 bytes)
Hash
4847400ffc6b86f3839bc080e5d68c89
c7731894a99b3d5477f48f04ac533be692606a0f
0ef57200732a242ebcda419288b31edae04cd78d7d5f6ca6a3104b3ae2f27507

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/jquery.min.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "14b61-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 29616
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/assets/jquery-3.2.1.js

155.94.154.11

200 OK

30 kB

URL HTTP/2
rthe.top/assets/jquery-3.2.1.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with very long lines (32058), with CRLF line terminators
Size
30 kB (30147 bytes)
Hash
9be8097803999b702fa83ec17dd66984
283299e8c5a59c73e949e4a275e0a70f9cf08f9f
c3702d18d04969c4d2c56a024a957ed897ec418bc15d66cea9eca0f1101a0c48

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/jquery-3.2.1.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 21:31:06 GMT
etag: "15287-5ec97acbf7a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30147
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/global-elements/header/images/utility-header/mailman.svg

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/global-elements/header/images/utility-header/mailman.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/assets/megamenu-v2.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/global-elements/header/images/package-intercept.svg

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/global-elements/header/images/package-intercept.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/package-intercept.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/assets/megamenu-v2.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/global-elements/header/images/schedule-redelivery.svg

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/global-elements/header/images/schedule-redelivery.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/schedule-redelivery.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/assets/megamenu-v2.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/global-elements/header/images/icon-personalize-stamped-envelopes.svg

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/global-elements/header/images/icon-personalize-stamped-envelopes.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/icon-personalize-stamped-envelopes.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/assets/megamenu-v2.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rthe.top
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 08 Dec 2022 12:21:43 GMT
server: ECAcc (ska/F7BB)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rthe.top
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 08 Dec 2022 12:21:43 GMT
server: ECAcc (ska/F779)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rthe.top
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 08 Dec 2022 12:21:43 GMT
server: ECAcc (ska/F7B7)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rthe.top
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 08 Dec 2022 12:21:43 GMT
server: ECAcc (ska/F6BE)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rthe.top
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 08 Dec 2022 12:21:43 GMT
server: ECAcc (ska/F7A8)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rthe.top
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 08 Dec 2022 12:21:43 GMT
server: ECAcc (ska/F6EC)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/global-elements/lib/script/helpers.js

192.229.221.165

200 OK

358 B

URL HTTP/2
www.usps.com/global-elements/lib/script/helpers.js
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (695), with no line terminators
Size
358 B (358 bytes)
Hash
a94bd840611f82766bdd01435e0325d4
195b9eccc89fd504aaa416ecfc05b277e3b1862b
c9df217c213bc4a79f26f7996533f4e02e031f82d7f1b88ccdc0f39504573d46

HTTP Headers

GET /global-elements/lib/script/helpers.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 287
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "2b7-505dad4fe5380+gzip"
last-modified: Mon, 20 Oct 2014 13:38:38 GMT
server: ECAcc (dcb/7338)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 358
X-Firefox-Spdy: h2

www.usps.com/global-elements/lib/script/require-jquery.js

192.229.221.165

200 OK

74 B

URL HTTP/2
www.usps.com/global-elements/lib/script/require-jquery.js
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
ASCII text, with no line terminators
Size
74 B (74 bytes)
Hash
ea38e8196b75d9720bc3902d6d735130
165284464c58d7f213c1211f2c433873299e4527
cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9

HTTP Headers

GET /global-elements/lib/script/require-jquery.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 26090
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "4a-5057c23aa4c00"
last-modified: Wed, 15 Oct 2014 20:40:16 GMT
nncoection: close
server: ECAcc (dcb/7F20)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 74
X-Firefox-Spdy: h2

www.usps.com/global-elements/header/script/search-fe.js

192.229.221.165

200 OK

930 B

URL HTTP/2
www.usps.com/global-elements/header/script/search-fe.js
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (2264), with no line terminators
Size
930 B (930 bytes)
Hash
044ed97a28abfb41b4962d4be4f1a9a2
376bd4af5ff97565cf9565904b615bffbea08690
19c16113aa7d624c43ffefd992d78b420fc3a195d99578684d0abf52fbabce71

HTTP Headers

GET /global-elements/header/script/search-fe.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 67440
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "8d8-5d77081c47c40+gzip"
last-modified: Mon, 07 Feb 2022 16:58:17 GMT
server: ECAcc (dcb/7FD8)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 930
X-Firefox-Spdy: h2

rthe.top/assets/optimize.js

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/assets/optimize.js
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/optimize.js HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/images/nav-red-chevron.svg

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/images/nav-red-chevron.svg
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /images/nav-red-chevron.svg HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/assets/main.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/global-elements/footer/images/footer-logo.png

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/global-elements/footer/images/footer-logo.png
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service

HTTP Headers

GET /global-elements/footer/images/footer-logo.png HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/assets/footer-sb.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2 HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rthe.top/assets/main.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2 HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rthe.top/assets/main.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2 HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rthe.top/assets/main.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5424
Expires: Thu, 08 Dec 2022 13:52:07 GMT
Date: Thu, 08 Dec 2022 12:21:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5424
Expires: Thu, 08 Dec 2022 13:52:07 GMT
Date: Thu, 08 Dec 2022 12:21:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6416
Expires: Thu, 08 Dec 2022 14:08:39 GMT
Date: Thu, 08 Dec 2022 12:21:43 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6032 bytes)
Hash
280c788841ca669f2c8556f03ee85b68
c15a4519a69eb6b5cc624344a7c3d99335a095d9
451a816aa2129c3a7712a01b96daee492ae2ab25c4940405063098f3b7ad10ae

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6032
x-amzn-requestid: 22b80af7-87cf-4719-8bc8-927077cc3aa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4hoFraoAMFpVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a3-42927c064ee65d3b23121b36;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -6j01fDKCX0VuXQjVKCm1nPOqSRuh9_Pd-3cgxbEKWhLzlL27hs0fA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:07:32 GMT
age: 51251
etag: "c15a4519a69eb6b5cc624344a7c3d99335a095d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12534 bytes)
Hash
57be99ac898a37d73f2ba4a24f56248f
04e32eb45581201a6a1863200e4d139df48285e6
a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 47865
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7268 bytes)
Hash
24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wFqXeAYHSBcj85PiuqhV790clAMWg_NHMCO5Q5WARXDaohFWZdeCig==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:19:17 GMT
age: 46946
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9596 bytes)
Hash
c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
age: 50899
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6186 bytes)
Hash
535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:01:03 GMT
age: 4840
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8659 bytes)
Hash
b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 45971
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.usps.com/global-elements/footer/script/jquery-3.5.1.js

192.229.221.165

200 OK

31 kB

URL HTTP/2
www.usps.com/global-elements/footer/script/jquery-3.5.1.js
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
31 kB (30950 bytes)
Hash
2a0ef702291c837a85b6c7c2275fdac6
7937023d7bc07c2a6d1e29f316836995fbdbf997
921bf2826576dbc494161d3021ee21b0b844ed89f0b2b630e7d579b69ab1a9ba

HTTP Headers

GET /global-elements/footer/script/jquery-3.5.1.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 28283
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:43 GMT
etag: "15d84-5affcd6633ac0+gzip"
last-modified: Wed, 23 Sep 2020 15:35:47 GMT
server: ECAcc (dcb/7F9B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 30950
X-Firefox-Spdy: h2

rthe.top/assets/jquery.min.js(1).download

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/assets/jquery.min.js(1).download
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/jquery.min.js(1).download HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:43 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rthe.top/assets/main.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:44 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rthe.top/assets/main.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:44 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rthe.top/assets/main.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:44 GMT
server: Apache
X-Firefox-Spdy: h2

www.usps.com/global-elements/lib/script/resize-manager.js

192.229.221.165

200 OK

468 B

URL HTTP/2
www.usps.com/global-elements/lib/script/resize-manager.js
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (1040), with no line terminators
Size
468 B (468 bytes)
Hash
7dfda1d5c69fea0090eb0e1dd8f9cc69
731696ce554e4a61def2c1b2c42f593b2d663ec2
f59a56b127f6d56e1af875fde9db49dcd3fc70cd952445b3f0d259f4acc52a5e

HTTP Headers

GET /global-elements/lib/script/resize-manager.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 53889
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Thu, 08 Dec 2022 12:21:44 GMT
etag: "410-5057c23b98e40+gzip"
last-modified: Wed, 15 Oct 2014 20:40:17 GMT
server: ECAcc (dcb/7F54)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 468
X-Firefox-Spdy: h2

rthe.top/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/assets/main.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:44 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/assets/main.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:44 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /fonts/2381d918-136d-444f-8391-db0cba6da388.ttf HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/assets/main.css
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:44 GMT
server: Apache
X-Firefox-Spdy: h2

rthe.top/favicon.ico

155.94.154.11

404 Not Found

255 B

URL HTTP/2
rthe.top/favicon.ico
IP
155.94.154.11:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
255 B (255 bytes)
Hash
ba6c3d74000a4c6de4166b8e951dbe5a
1a1e9963bc585da9c72bb9c9a178c1e0a2c522c1
a47c5c7c2ada9a650e2d12b456b9073d9c32ea2dc06a19848fbbc70fa7edba14

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rthe.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rthe.top/
Cookie: PHPSESSID=583cdvjfo0qe98e953l9a9tskl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 255
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Dec 2022 12:21:44 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations