Report - informed.deliveryqji.top/us/

Report Overview

Visited public
2024-12-31 12:38:17
Tags
usps logistics phishing
URL
informed.deliveryqji.top/us/
Finishing URL
informed.deliveryqji.top/us/
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Title
Welcome | USPS
Phishing - US Postal Service

Detections

urlquery

141

Network Intrusion Detection

Threat Detection Systems

178

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
informed.deliveryqji.top	unknown	2024-12-29	2024-12-31	2024-12-31	42 kB	2.4 MB	104.21.32.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-12-30	medium	informed.deliveryqji.top/us/	United States Postal Service

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed
2024-12-31	medium	deliveryqji.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	From	Size	First Seen	Last Seen
	informed.deliveryqji.top/us/assets/index-4b020bd6.js	ScriptElement	505 kB	2024-07-17	2025-04-23
Pretty URL informed.deliveryqji.top/us/assets/index-4b020bd6.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 00:54 Last Seen2025-04-23 12:35 Times Seen3536 Hash 12420b2e0f816d06f0ddf11b25188f88 138d893272294548f59dc4ddd92b358a22801c41 095aa68b6e8bb9648b91b009821b31a81c9ca7f849b069547406b206dbb0f3fd Loading...

	informed.deliveryqji.top/us/	ScriptElement	328 B	2023-04-07	2025-03-18
Pretty URL informed.deliveryqji.top/us/ IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 06:55 Last Seen2025-03-18 21:01 Times Seen9141 Hash 3cb9786af5e65ff7a58c24c85677a40a 1dcbd37c74e0e059f17066831f594c4c2cd531f7 8bc5a4a4db521fb00a74ed14b2351db552ca6530233a4d403dfe004b6fd38f6a Loading...

	informed.deliveryqji.top/us/assets/09bf01f8KXMp5.js	ImportedModule	2.0 kB	2024-07-17	2025-04-23
Pretty URL informed.deliveryqji.top/us/assets/09bf01f8KXMp5.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-07-17 00:54 Last Seen2025-04-23 12:35 Times Seen3535 Hash eb9f0a5e1780c8de62044ba70e9d5e14 26c710fdf35b9268260d806961d6e761e7175a4a dc5e272ed1a8676d699cf151f05007a9f3152cc79dee644c731cd5d62761e49f Loading...

	informed.deliveryqji.top/us/assets/7357514cKXMp5.js	ImportedModule	2.6 kB	2024-07-17	2025-04-23
Pretty URL informed.deliveryqji.top/us/assets/7357514cKXMp5.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-07-17 00:54 Last Seen2025-04-23 12:35 Times Seen3535 Hash 61865f7fe10ffeb75d7b02fc11873a75 b2bad6213dacfc4c027b53cd4ba2424f0a7e02bb 453050ceae7eb649bbb791222012326c1b661c0b03111c18a45d00911ba479c9 Loading...

	informed.deliveryqji.top/us/assets/dc6d90ceKXMp5.js	ScriptElement	6.4 kB	2024-07-17	2025-04-23
Pretty URL informed.deliveryqji.top/us/assets/dc6d90ceKXMp5.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 00:54 Last Seen2025-04-23 12:35 Times Seen3534 Hash 191953a52b7e04611f91bf29e2bf1956 421a4564cd537b25340750e31682b99f9fbbdc1e 45ecfd31e8db2dfa3ab6ed8e0e3f4f26166153051abfc791d6e326296d1cb7f7 Loading...

	informed.deliveryqji.top/us/assets/62ff200fKXMp5.js	ScriptElement	70 kB	2024-07-17	2025-04-23
Pretty URL informed.deliveryqji.top/us/assets/62ff200fKXMp5.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 00:54 Last Seen2025-04-23 12:35 Times Seen3534 Hash d575c7dce4609f4f34b957b35b20426d edb9a6f89ff7ef2ff6a34071d10ca148517861f3 b86b5e7669a1331149e5b9072cce8337e2ebe08b1a16c7262cb3b0235f911e5f Loading...

	informed.deliveryqji.top/us/assets/f0ee2557KXMp5.js	ImportedModule	53 kB	2024-07-17	2025-04-23
Pretty URL informed.deliveryqji.top/us/assets/f0ee2557KXMp5.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-07-17 00:54 Last Seen2025-04-23 12:35 Times Seen3535 Hash a43174260c57c600a93e9785483ce823 674dc958475b7438ba5c2e623879e6d9ff2a82fc ca68702aa3ea8779f34864cc6285bce454103a111c1255cbf22c9e8dd3292aa5 Loading...

	informed.deliveryqji.top/us/assets/c27b6911KXMp5.js	ImportedModule	1.9 kB	2024-07-17	2025-04-23
Pretty URL informed.deliveryqji.top/us/assets/c27b6911KXMp5.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-07-17 00:54 Last Seen2025-04-23 12:35 Times Seen3534 Hash 7b8a6e4236805e691feb4a0ce3d32b66 2c6a3cfdb67023aafd19416ee94d384763c8b326 cc1f2b610f9de09a9d04b94b34bb5307cf831d2abe943ece7aaff39516dd1a70 Loading...

	informed.deliveryqji.top/us/assets/3213f1cfKXMp5.js	ScriptElement	112 kB	2024-07-17	2025-04-23
Pretty URL informed.deliveryqji.top/us/assets/3213f1cfKXMp5.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 00:54 Last Seen2025-04-23 12:35 Times Seen3532 Hash 0eb400d899c95ac8c7d09376bde305fe 4aa15e84939a4f1a51f8edf03180b261077f6057 d524f19a764a1dc6d70788257afd7abd0a038d23d33ed7801c42fb038d223e0f Loading...

	informed.deliveryqji.top/us/assets/143268e9KXMp5.js	ScriptElement	4.5 kB	2024-07-17	2025-04-23
Pretty URL informed.deliveryqji.top/us/assets/143268e9KXMp5.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 00:54 Last Seen2025-04-23 12:35 Times Seen3535 Hash 890b402c0382bc335dbc07c1332ea469 0ba37489d94b249b18c1dda38b8ca3d499c153cf 4514ae0c3264d12e735d0c5d2a2d633606d32be84d1ba8b6c8b5514a99fcaf5a Loading...

	informed.deliveryqji.top/us/assets/0cabecd3KXMp5.js	ScriptElement	115 kB	2024-07-17	2025-04-23
Pretty URL informed.deliveryqji.top/us/assets/0cabecd3KXMp5.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 00:54 Last Seen2025-04-23 12:35 Times Seen3531 Hash 456e9fd57e89f6d282125abce2adb0bd 37126aba72586d289b6c28572938032e7731531e 067cb723141dfc3ab72c8b3b6158ec5825c5697c30f16aa71a5a0f82cadb5e2d Loading...

	informed.deliveryqji.top/us/	ScriptElement	84 B	2023-04-07	2025-06-05
Pretty URL informed.deliveryqji.top/us/ IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 06:55 Last Seen2025-06-05 18:04 Times Seen13572 Hash 528dd01eb509d1fc3c68b48e165c9d77 8d702f33d869eb8c53cf75c17014f96385322395 b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a Loading...

	informed.deliveryqji.top/us/assets/78d59236KXMp5.js	ScriptElement	35 kB	2024-07-17	2025-04-23
Pretty URL informed.deliveryqji.top/us/assets/78d59236KXMp5.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 00:54 Last Seen2025-04-23 12:35 Times Seen3535 Hash 6522e60f9822e53e09a7eed80d7a763a 82ce9d143b9e9ed6bed370e0906cdb3b3c4847cc 1dbe4d7cc001b0da4fcabdd95aa562ff892f7a68f311727aff2092720b77e735 Loading...

HTTP Transactions (88)

URL IP Response Size

informed.deliveryqji.top/us/assets/7357514cKXMp5.js

104.21.32.1

200 OK

74 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/7357514cKXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
gzip compressed data, max compression, from Unix
Size
74 kB (74380 bytes)
Hash
82931f8a48d165bf5914f5a1575c8d5a
125d937f90242a60bad9360628328bcc0d735445
c7ced3f292b2db828e0f68e050fcf73016895709dd570c326f6868b4fb443253

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/7357514cKXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/78d59236KXMp5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gS6cbvZAoB2jDvb0VF%2FJF4jBGNQeZTAxd2ZB%2F%2Fl3F%2BQu3KW5LI94kH3UsOb%2FeEAz45RhdzA3zq6bBqcm2tnTk9RnSEq8NXi2l0MxgRSeL%2B0bDoF5uxmUsW1IuSNWbiokJ7WrgJFePW1CLTw%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:24 GMT
etag: W/"a35-190b57e2ec0"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52cf1aa656a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkG1x&sid=l2B885WWkTrJl3efAm11

104.21.32.1

200 OK

32 B

URL GET HTTP/3
informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkG1x&sid=l2B885WWkTrJl3efAm11
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
ASCII text, with no line terminators
Size
32 B (32 bytes)
Hash
efbdb87841a46d1a200ab4d756e2cdab
7f3398c442d4f551e1f9a9a9a3b26c6db2fc7819
08ce78fa5f8acf46e890189f69499e38c4a113fcda8d37e3668b6d1023122451

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=4&transport=polling&t=PGSkG1x&sid=l2B885WWkTrJl3efAm11 HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 32
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wcaDnwtqzYbWaN%2BdgKgWaRJYink%2BSMeu2Q586lypvx4Bsxz%2F1vCk7aisp4iXucmXmmBpsEGtl7MP0ZQSRfD1hynl6uG2atqQUjMmOryZ7jT2p6K8BNcygQoyBFJ6KFN90mARhVgu%2FvklM4c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8faa52d40ab456a9-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/667bf194TeKnX.css

104.21.32.1

200 OK

17 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/667bf194TeKnX.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
ASCII text, with very long lines (65324)
Size
17 kB (16724 bytes)
Hash
7af6c6f35007de71a16ac3568fd27663
dab8ea240261b857c5a2a256364b319ab0a5dfcd
667bf1945b650a844809244ac70ae2fefa171302da25745dffb728a9d5124e4f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/667bf194TeKnX.css HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FxiSpOK6fohmxKWzISPz%2Fi1l2PuDJH7OvRaOCW8TPwFdAj4nr4FLoQjdK2qhPaW7qm7WB9WsqRSTkgQQWQuhaipwbY%2BDTvQCq8aaQAgPQOP5up7XIWiy9%2BRV%2FfgjLSKj5ufmMZ%2BpjwHCxA%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"10d59-190b57e26f0"
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 8faa52cd9a9c56a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/49.png

104.21.32.1

200 OK

22 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/49.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
PNG image data, 195 x 167, 8-bit/color RGBA, non-interlaced
Size
22 kB (21683 bytes)
Hash
973974e401a6d2630ee67eaa6d95b797
fa9b5ff2481c916c009b4adbf3fd69625e5a1b1b
39a8ed81691ca6296abf0a7f9a746795f4f7486449e225d792ae98433cf0c355

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/49.png HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/png
content-length: 21683
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPj54W3gvfo6mKj%2F8dmfcFxZiUXrefM8N48P7frVSmPvakDFAg58q7dbRwMtbNp9%2FIpzFM3AXp%2FUDuMYKf%2BQaGCMWZtTZj5UXCTSTSqp5KPOQriEfRNrUnM6dU180pYI2uuA8YEOeqQ4ocY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"54b3-190b57e07b0"
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 8faa52d61aca56a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/48.png

104.21.32.1

200 OK

8.0 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/48.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced
Size
8.0 kB (8026 bytes)
Hash
49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/48.png HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/png
content-length: 8026
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tXEtM0ijABYqC3pzIIS%2BUgcbDpfYL1vjcrh8NKIwXllQ1MewhUZFIZP%2F6sw4S62IgUb%2FB%2F7RRQQtottlM4H4LwNbus2Vu1sGP%2FxE8K3ybnKwmUmBZoWqLpwG79xxlauPxAMznwm76pC1h80%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"1f5a-190b57e07b0"
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 8faa52d61ac956a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/63.png

104.21.32.1

200 OK

2.5 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/63.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
PNG image data, 50 x 35, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2461 bytes)
Hash
e38ff6af4b8ff088fcb2dc92410b759b
529c88413dbc330fa05a0629b2084ca7931f453e
c2b609bbc0ed5b17740df6ab378bfcbe068e3b08d85e85b2d9dfbe6dd3c6be95

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/63.png HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/png
content-length: 2461
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hWjT03e%2FydJMjxl5R9onR3bKJ5oH3XM82TjKVlK8qYLDGIr9u3xkqCU850xQBtwyZQ7dEuGWeJOZ1iNdVhg1ptvNbjwR9GMdmRCT4XA%2FrPA5G2%2FQISqng952qAdvcXBNr8UoytAEEokpVnk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"99d-190b57e07b0"
cf-cache-status: HIT
age: 0
accept-ranges: bytes
cf-ray: 8faa52d64ad056a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/60.png

104.21.32.1

200 OK

1.9 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/60.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
1.9 kB (1873 bytes)
Hash
5d1fed200f7befa569074a293cf2abed
11bacbc9debe99986d9a6e974e9a819aaa74be29
9d0ef8aa34abec770b6a9fb4358842a29413d08c0d1e4b74f5c4c31ab477c14c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/60.png HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/png
content-length: 1873
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SZycU7Pg3ehe3ptCbOe91LRX44W5jcrfXJ7lj298QKrGSJqts%2Bn4Tws%2BD32kpZvU7vZx1x5zp%2FSDw1mPqiKmPARIfqIhSaAmQrQQSL5vsp7zesRKPbwz6Bk3C8QTeKG6G2X28oOQ9W5sjLY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"751-190b57e07b0"
cf-cache-status: HIT
age: 0
accept-ranges: bytes
cf-ray: 8faa52d63acd56a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/62.png

104.21.32.1

200 OK

2.3 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/62.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2325 bytes)
Hash
010bf7d7901ccaa3905cfe4b7c1cb50d
9c174f76a3ed50a173637d44793d6bc15a818112
67d664b844fdba0588665c6f1986b25fcb6d99e5122a455c36da8622f1eaab62

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/62.png HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/png
content-length: 2325
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGrkyWzVfDFa58O%2F84fzMss%2FxNHL9zywqYjAlo5e9AxHPq2LTmOFkrII8hQRplUOtLj%2F2MV9q%2F9BDy5BQ5qCLyxjLT8rP%2BXRiSSn5ali3VMCI10SsQ0skRoSbryPtEVbf5SOrpGirziD%2Bhg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"915-190b57e07b0"
cf-cache-status: HIT
age: 0
accept-ranges: bytes
cf-ray: 8faa52d64acf56a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/61.png

104.21.32.1

200 OK

1.8 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/61.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
PNG image data, 50 x 48, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1842 bytes)
Hash
4f6b06552f2054fecb5a3ab3956d7a79
c1257b76200738ad53147be110920f84efd479b3
248385895aacd78d7a7b045cd5109103c2f849bbaef9cff5980d59823a620c91

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/61.png HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/png
content-length: 1842
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vhl0iKa1jHlAePoTywsd%2FLlR3Q0VbQOhrxtd1sD1T4mFdAynPQf65E12hIH6xGXdAEysJGsiUCNoQPjFAfHppYNw5pWtNU8rS445nJx0XMuwDOnPs8y7SLAGKfoyKzP%2F7xZGACkXTZSQFM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"732-190b57e07b0"
cf-cache-status: HIT
age: 0
accept-ranges: bytes
cf-ray: 8faa52d64ace56a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/47.png

104.21.32.1

200 OK

20 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/47.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced
Size
20 kB (20334 bytes)
Hash
d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/47.png HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/png
content-length: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQHVLpgPrEHRrwFb7S7VBI9NWR2qnYybEVri1gZRZ0oRf0QAm30z%2FpfIf3WLBs9LfjhPuETrAdBkAS70soMEs2LPaOd4wI9kw%2FN6P5Bx%2BIDpvxb%2Fx4zvkAG4w4%2F%2Fk%2FUIThglsgdtwzYJKBA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"4f6e-190b57e07b0"
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 8faa52d60ac856a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/1cc43a97TeKnX.png

104.21.32.1

200 OK

5.4 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/1cc43a97TeKnX.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
PNG image data, 221 x 27, 8-bit/color RGBA, non-interlaced
Size
5.4 kB (5390 bytes)
Hash
ccd62119eaa0e3697f60599487c51ad5
8e44d3123b4ce2005c76a2b8dcf7870058d2a82d
1cc43a97be92fddf0fe4244858f5337c80a8d350cd0afcd0c4d2004d3fded0ab

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/1cc43a97TeKnX.png HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/png
content-length: 5390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFm3F9zdAvHH5GG4AkWVGqyBLqTRvKpZJdVrJfHp312Z5CN7kwE7Z6ZuLqKUI2aUxEwRYSu%2FzfpcZD2s7cHjbu3lEaw5NS44cFTWwRpNBH%2Btai3FUZ2DdrVIbyItkfC9Pir22ls5kINOEzs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"150e-190b57e26f0"
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 8faa52d69ae656a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/51.png

104.21.32.1

200 OK

22 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/51.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced
Size
22 kB (22133 bytes)
Hash
22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/51.png HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/png
content-length: 22133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kw2g%2BdPwd8f6r%2F45uSlz9jw3oOsDolRCTbpb0efrzgy9QXXvv4xlUqhVotiBzr0ruP1Na%2BhqTXdO6FOYsHI7YEywNrKzvmQQ7BK7FvcVEsA5X6gOjxpzsgmfL0%2Fe5%2BXbmYlFSbriWqxkTUU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"5675-190b57e07b0"
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 8faa52d61acc56a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/50.png

104.21.32.1

200 OK

20 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/50.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced
Size
20 kB (19969 bytes)
Hash
6311ef7a60f86d77aa48fcc48a675a31
96bc8b2fe87b126ffbf0d7b7ad8419661cb6bd9c
70d715475fb0a4756fc65c50cbb2cf0ca15f7311efc6c54b18e045e6ab202251

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/50.png HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/png
content-length: 19969
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lifLplk%2BdWXKV4Q3O5SPP4Gml6B5QY8JOwRHoaPIiKcOAQIQyfGOj3BTnnLXOw3Eg0fDotugv7mWCfVQiOA%2F92wObGmhsG45W%2FvIx9Br7qrwITa4TRxOPp4i5VOkYQ3FI40djMwIXACEKis%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"4e01-190b57e07b0"
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 8faa52d61acb56a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkGDX&sid=l2B885WWkTrJl3efAm11

104.21.32.1

200 OK

1 B

URL GET HTTP/3
informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkGDX&sid=l2B885WWkTrJl3efAm11
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
1679091c5a880faf6fb5e6087eb1b2dc
c1dfd96eea8cc2b62785275bca38ac261256e278
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=4&transport=polling&t=PGSkGDX&sid=l2B885WWkTrJl3efAm11 HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cePs%2Ftg9488KJvrdEh2O2kQPHK6PILD6PmMFJQGbrrHTT5u0B9NuEo2S8xmdabNPxK%2B76fP7HR9grvMT4EywlL%2BwUk0yG0iAXTcwlGSidGjLuEsvpfXfMeYlEkDV1IEPbbnbq9LDZtxuKZE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8faa52d8aaea56a9-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/ffd7af61TeKnX.woff

104.21.32.1

200 OK

47 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/ffd7af61TeKnX.woff
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
Web Open Font Format, TrueType, length 46657, version 1.0
Size
47 kB (46657 bytes)
Hash
3beb1cf49dc702cd4de8618eeb344dd4
080e1b4dc8b43ddb06961a3490857cdb936a8c2a
ffd7af6177837790e2620c429dce0da6dc7d18bbdcf87a7ed2c033a03513e947

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/ffd7af61TeKnX.woff HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: font/woff
content-length: 46657
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQ492dB84tCMxbNcEEooG3gzRswBDvBTilXJfSDYCJVSoYsoRNxB2kGTPC2feSoNr3fG7YimfLqnr7qVAxkCdFJCFuBv4%2BspuaBU8OvRm7e4Bn%2FbfLDRvO8ye7Xm57EczwAUv%2BzO5BEvzkc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"b641-190b57e26f0"
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 8faa52d69ae756a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/cc469406TeKnX.woff

104.21.32.1

200 OK

52 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/cc469406TeKnX.woff
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
Web Open Font Format, TrueType, length 51685, version 1.0
Size
52 kB (51685 bytes)
Hash
a93e96be336c174933e68ef61d56e0d3
48f7a75a367904ff4a9a79689a508e29edda462c
cc469406025b7ce0913cdefc664007cd0fc46bc66a740dc7aff67cc041bccde0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/cc469406TeKnX.woff HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: font/woff
content-length: 51685
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dc00PFsy5Qv8PnMwlQFlyVvlzn8hfPUdc81QjWJCRlc%2BvaZFzYIl%2BFco4FxsbIxJXmlwXnv5%2Flm3XSpPgJUAQLEn1NtGLa4b0j6f%2BY9YqRIs2bh32y%2FLpRjWagDQDn91De5fosJQSdMXXiw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"c9e5-190b57e26f0"
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 8faa52d6aae856a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/api/MC44NjIzODc1OTMzMjA4NjYx

104.21.32.1

200 OK

36 B

URL POST HTTP/3
informed.deliveryqji.top/api/MC44NjIzODc1OTMzMjA4NjYx
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
openssl enc'd data with salted password, base64 encoded
Size
36 B (36 bytes)
Hash
680c246a7c977beb7e3ff7daa2b8fec0
9847b459f4b8d436dfafcae974e810c64bc0525f
455f081c02a7e5f5410a5e8f54087291fcb4ceebce89dcb817efbb686ac243a7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /api/MC44NjIzODc1OTMzMjA4NjYx HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/encrypt
Content-Length: 300
Origin: https://informed.deliveryqji.top
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:56 GMT
content-type: application/json; charset=utf-8
content-length: 36
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBaDJOmzbR77ZbXcZkMbhOyl06GZ3TPFklst1KO%2FlfGZ%2BxKEYYPE%2FTpfU8a66vUwP7HnoXXW2rdRFeS8Naz1r2%2FEJK9PlB%2BqP76GqGfHPHqqoFGwbRyIm0mfLvyI%2BH93TaGQycU2V18UC20%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
etag: W/"24-mEe0WfS41Dbfr8rpdOgQxkvAUl8"
cf-cache-status: DYNAMIC
cf-ray: 8faa52e54af256a9-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/9b0c1debTeKnX.svg

104.21.32.1

200 OK

13 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/9b0c1debTeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
13 kB (12783 bytes)
Hash
ab3a7d66e14d590012cdea855490439c
c1e463141246cc782929afb4802eb00d239989f6
9b0c1deb81e6a449f5f996583078d624a732206f9acad843a3a8946cc293e160

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/9b0c1debTeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1vDU7d%2BNCtI0hvTF5%2B%2BxWx%2BzX0ZeCDXt0HtDLzi%2FR7C0XsD%2Fffn%2BDy6FycR20ydaltXjtliemFUovZdZQSs%2FxOC13DXZR7jAe9ZMgQjRSErQNpRinn9mSqudh04EcO1jl7vjGrs7DQfzssM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"8d9-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d66ad756a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/b93300ebTeKnX.svg

104.21.32.1

200 OK

7.8 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/b93300ebTeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
7.8 kB (7799 bytes)
Hash
936bb8bebbfda69cf993c7a2871e75e4
7b91f3cbc40180ac673eb7b9b731a41604d906f4
b93300eb9a7ad30395abeb04a4d331f367ee09f0419da760ef688e864be75a38

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/b93300ebTeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXXsGR7mwdk%2BUshGxV%2BjLsSFRKoVq63%2B5podsJ6gY51xEjyJJh2VY0f2K8wVMcgk4%2FGYtgCmdL%2BJETx21aEwGNW1cnsiPyJGqudaZKbPFw7tnWgfJOhq1%2BH38de589OghrQtUHc8eNFSHF8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"6d1-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d66ad856a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/ae1f038aTeKnX.svg

104.21.32.1

200 OK

8.7 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/ae1f038aTeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
8.7 kB (8672 bytes)
Hash
78ed83dfdc12e5e8252a1f959ba8d074
480153036bc0868eb70805c9a038634f86cf89c2
ae1f038aeab9742ddd5d4ad36ac51f3e8112c5b8f95c7b81f6ac978c3e1c2b7b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/ae1f038aTeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rq0L1V%2BjcV2Xq2CUfN8l7lXH4BPJVgqj4UFErCABpZaFM7jLgf05chPwB9BTK2zgMymj0NuLqYh1sw%2BMGAZNL0zFqvIp2I7%2BCPm8W9CWh7biBCdP5DGLxy%2FOe2789X8O8nUklyY1G8hu3Ts%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"600-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d66ad656a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/c27b6911KXMp5.js

104.21.32.1

200 OK

1.9 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/c27b6911KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, ASCII text, with very long lines (1898), with no line terminators
Size
1.9 kB (1898 bytes)
Hash
7b8a6e4236805e691feb4a0ce3d32b66
2c6a3cfdb67023aafd19416ee94d384763c8b326
cc1f2b610f9de09a9d04b94b34bb5307cf831d2abe943ece7aaff39516dd1a70

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/c27b6911KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://informed.deliveryqji.top/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mZ3UcneSZY1XieRVo4l4aeGdYw97uBR1KzMq%2BVEE%2F1BomFXQ2N3vko3DB%2FRTBM3iqOkj9%2F%2FoYPVY2772o5nkxwd83pn%2BsEwdCqmWwQYsypTWhrqGglH4%2F6m8LohIPhX4gpu%2FieQ%2F8v7%2FlJA%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:24 GMT
etag: W/"76a-190b57e2ec0"
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 8faa52cd9a9f56a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkG1v&sid=l2B885WWkTrJl3efAm11

104.21.32.1

200 OK

2 B

URL POST HTTP/3
informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkG1v&sid=l2B885WWkTrJl3efAm11
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /socket.io/?EIO=4&transport=polling&t=PGSkG1v&sid=l2B885WWkTrJl3efAm11 HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: https://informed.deliveryqji.top
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BXqWZ5lZP%2B0tYFwpnk7OJJ1lR277dWa5tJqPWXYXDtpROHHEg2K%2BBYTjNYVHosSqkyaNvX7w7DuA4yMjSwmd07OxZnHYo6GKkiw94tp0Lal%2BGd%2BaXK54jm2PmoCA5QbzZ2yAYHKGO17fJFY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8faa52d3fab356a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/c12815f2TeKnX.svg

104.21.32.1

200 OK

2.6 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/c12815f2TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
2.6 kB (2552 bytes)
Hash
ab67d7e569a64be0744cb3d179612d50
65e256ede2d7bc4297f7497f4430182c04b627e9
b3b380736b4280b27e829b17a7fb722f88c100d77bea94909c9b110e2a4a691e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/c12815f2TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XCJuKW52jxjf%2BXMoima7%2Bd%2B2EYkAVE7UuuMJHOBhimPm6TefAmHc0Gu2UgAWES%2FQkujaGSu0Dzy9GwibawlofXDb3i6kSOxWeV4nlWu6eDWEjAccVMxYNR7fTp2x92jqBTMtGEmZXpNsxn0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"9f8-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d67adf56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/3213f1cfKXMp5.js

104.21.32.1

200 OK

112 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/3213f1cfKXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type

Size
112 kB (112045 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/3213f1cfKXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://informed.deliveryqji.top/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0u7fzEItnCZvHQyHkvh6B5lKN41XUT2jALIxY5sPUnSP10CuaHoaq4JOghYlkYp0SdLZztsa7oF4VwSzA9CaoFqVzVjGjY5dWwOJ9q6e4OneMzLbhkJLqge%2BQm%2F9dN070f1RbSRtZQkhIqA%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"1b5ad-190b57e26f0"
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 8faa52d07aac56a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/socket.io/?EIO=4&transport=websocket&sid=l2B885WWkTrJl3efAm11

104.21.32.1

101 Switching Protocols

0 B

URL GET HTTP/1.1
informed.deliveryqji.top/socket.io/?EIO=4&transport=websocket&sid=l2B885WWkTrJl3efAm11
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=4&transport=websocket&sid=l2B885WWkTrJl3efAm11 HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://informed.deliveryqji.top
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3YyFkk8KWGnTEbuH9UWqpA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 31 Dec 2024 12:37:54 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X+147NjfNocMFCjcE8ejI9sZn+E=
Access-Control-Allow-Origin: *
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yrK47h6Lw5NBEtIcy9Mo0MMSyTjZ%2F%2BJgdZUWV6tWT%2BkxbCLdwof0oFNPIWMIDAseiAktoQcdMPwIzEFK5X%2BKjDQ5BEL1Io%2FhW2UMUm0RsUdTlrBAoKBn272F7SrASW0B2ru4WWBDqLn5rAM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8faa52d44ff5b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=493&min_rtt=421&rtt_var=199&sent=5&recv=8&lost=0&retrans=0&sent_bytes=3123&recv_bytes=1225&delivery_rate=6693374&cwnd=252&unsent_bytes=0&cid=538754eead0dbf12&ts=244&x=0"

informed.deliveryqji.top/us/assets/a187320bTeKnX.svg

104.21.32.1

200 OK

1.4 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/a187320bTeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1423 bytes)
Hash
727843b155e8d17b36470433c75142cb
0b2b7de329b80ccf5ea8f2ed83ee76a9d9826cc5
622ab2e0b23aaad32666deac865b6d4993799d91e4f1fd831cfd12113723c6b6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/a187320bTeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKIs4vTRb%2FgTkh5uj7FGqHp0RvLyjmCEVMdr6pwya4VTGR2dbsAObf7ncw8PCCcIZWBX%2FFzb491bd84srQH%2Bb6IRMMLgcyvtbFPVgP8Xi%2FhKENLf1R1%2BTVB3qv51mCmNWqeN%2BWZt%2BuZhhRQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"58f-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d66add56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/

104.21.32.1

200 OK

1.6 kB

URL User Request GET HTTP/2
informed.deliveryqji.top/us/
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
HTML document, ASCII text, with very long lines (1711), with no line terminators
Size
1.6 kB (1638 bytes)
Hash
5a7b41992ab47a59eae4f5f930fac487
51e09d3d4abd87b298c38485c4af99a870f12cbf
ae50611d3ec8f6d4dc1029fc44d896e2d0cd7354d482152ac8d61dc9e5e8f1c6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/ HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 12:37:51 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtoGl9r1knUXQEoK4dvKapDeUUmnSS3jP2UJYTMKw%2FlqANdMBHrTwlhTGsY0XXBu3frV%2F87K%2FCb4XyMnshO1uF4CtRumB3klGGSWs5JhUCa97kRuftK8lXFC5t2stDtcwTdc2Ob61qsnw8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8faa52c418a85697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2145&min_rtt=589&rtt_var=2939&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3211&recv_bytes=1126&delivery_rate=5271844&cwnd=254&unsent_bytes=0&cid=7eaeaec99ac4c037&ts=289&x=0"
X-Firefox-Spdy: h2

informed.deliveryqji.top/api/MC42NTgyNTg5NTA2Mzk3MDA2

104.21.32.1

200 OK

5.6 kB

URL POST HTTP/3
informed.deliveryqji.top/api/MC42NTgyNTg5NTA2Mzk3MDA2
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
openssl enc'd data with salted password, base64 encoded
Size
5.6 kB (5620 bytes)
Hash
245d21ed24498defb92fa5914bf48e2e
b131b4a5951f1fbffd63d17ffe68a582402ead48
9d8ef229dd52c6cd1217a893d9ee31f9cf3fc7a004f035600203c704e90f0b72

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /api/MC42NTgyNTg5NTA2Mzk3MDA2 HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/encrypt
Content-Length: 292
Origin: https://informed.deliveryqji.top
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CMKrP%2FeOVUCkSboqO7LfIRlqkhd9%2FTIzk%2BNeguSIpY4n6MFbWFGXk5WyDh1SXY1nlmEkDwDxHJMz7o35zkudtLSCxnpeXyGae4NG5EUvkW2Fo0HpdagCHxXJmKYrpwE37kSEQHGyD0SBNg%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
etag: W/"15f4-sTG0pZUfH7/9Y9F//milgkAurUg"
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8faa52cf7aa756a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/23.svg

104.21.32.1

200 OK

1.8 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/23.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1828 bytes)
Hash
ca97d316918d1a2d3e10867e851203e9
a6bc710d53c7fc71a5b10b836772c1eaef84e626
e7684e53314998a8f71365e0089c56da62a8b163e1dd10cfc51348705b6c316a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/23.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pZJA7y48Oe0McFJj2A%2F84ifchT47AbZ98GK5B9WUtPu76koUEXz6XsNR5mh10T4kme67UGbF5fRDveImmSCaQfe%2Fjwxt6H0gqBBNZSe3RMe5hQt%2B7XOwmwf0i9AN0KmOzfmM90%2BvsqRssX8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"724-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d60ac456a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/a66896d0TeKnX.svg

104.21.32.1

200 OK

1.8 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/a66896d0TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1828 bytes)
Hash
ca97d316918d1a2d3e10867e851203e9
a6bc710d53c7fc71a5b10b836772c1eaef84e626
e7684e53314998a8f71365e0089c56da62a8b163e1dd10cfc51348705b6c316a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/a66896d0TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hovMYhQaz5tZmZJpmIcQU5PgRRQ1JSUFWmIqblxBfbJyXTTeUxQSvUk2Gpc5YdOa5fN2rwM7Z5AtNVTjSUmfesMJ0NR48AL3%2BXyqt2fNw%2BDlKfk8hSn6s5VX7zuUErioyHKWpnXfujfJZvc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"724-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d66adc56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/layout/images/42.ico

104.21.32.1

200 OK

32 kB

URL GET HTTP/3
informed.deliveryqji.top/layout/images/42.ico
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
32 kB (32038 bytes)
Hash
3f0f72ed57a54b97cda500bcf0545efb
2f252619c18e729d98e16b96d37cd7cd567b38eb
67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /layout/images/42.ico HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:55 GMT
content-type: image/vnd.microsoft.icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ev55%2Bj8iiJNFRKMAmOZ07kF1ev%2FBJpuk8gPaVGDVoMNqE%2FCp453kHpewaO%2F2p0NCJ89VWWXWOAEYSaPJdHaVhsFR4U6B3x4bdlcM%2BG%2FXpTnyFWFjOlnswjgmsiaFPgzH9aGADu%2FnBuYwTSk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"7d26-190b57e07b0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d9caec56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/143268e9KXMp5.js

104.21.32.1

200 OK

4.5 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/143268e9KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (4487), with no line terminators
Size
4.5 kB (4544 bytes)
Hash
6426782ca5bd693d969c3e0414860f0a
79777b3f4e69c741d735caa3d8f85fcc59832533
338d235f941bde7a940c6fd79b90f883d2024afbbaf17f3a8fe27da8cc740d56

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/143268e9KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://informed.deliveryqji.top/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:52 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2B4Oo5bk3kQZgvFWDouPcbjhm%2F8D79jWpYaDXn4NuoDfGtiGadcgmj%2FXczS07D4rAaEO4GOwMfq47boWUlhFvKHEaeNxCTQtgVwe5bBmCggvM8N%2FgWIxirJYzphl6Fva1KtwSCqoD%2BvoJ48%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"11c0-190b57e26f0"
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 8faa52caea9056a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/143268e9KXMp5.js

104.21.32.1

200 OK

4.5 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/143268e9KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (4487), with no line terminators
Size
4.5 kB (4544 bytes)
Hash
6426782ca5bd693d969c3e0414860f0a
79777b3f4e69c741d735caa3d8f85fcc59832533
338d235f941bde7a940c6fd79b90f883d2024afbbaf17f3a8fe27da8cc740d56

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/143268e9KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/index-4b020bd6.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:52 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AShfo1px7mEmOMIvoHaCcjfU%2BkuuGSTB1uVfrp6wV7QGfrwxa7Qu%2FGX0aPQs%2BbdruoiUiDhVP7z3MJRW3Mi6yhgzpoX2zVYtroHpPwaUQxQ%2FzLYAbvd0wF6QYUqPJuOygbcg8JCGxrfCX5U%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"11c0-190b57e26f0"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52cafa9256a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/19.svg

104.21.32.1

200 OK

1.5 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/19.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1536 bytes)
Hash
08e6cb9831657c1177e060778330212b
eae29970f54d58628c154e23f843b3809796740b
6b4e91f2245daea58783882cb0bbc39bcf11d098e55d8b2493eb163ed687e1df

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/19.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5HUkj2dTmue4CwAvij9lQ4vlG1gGWWQrkHFon7Tg7hSw0Cgm%2F%2FY8y9%2FV6gSBILP2DGLfoPo1iCkNcNKrqKKqe6ud8rokzNx17cEu8ikYKuIktYxlI0khL5Y5ozjqRxUKrFYOSYf4G%2B2IsrE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"600-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d5eabc56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/9.svg

104.21.32.1

200 OK

1.1 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/9.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1089 bytes)
Hash
cb279b7498da53b8d9de4f92707b61de
c7048b2cab8867f8bb184bb94a760a6365e22a59
f9ed6f385f4f1ba73bff3eff561b62cf39e50e9c5955623c5df2f297363c740e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/9.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpBm4LdVZdBeCy%2BawSkl2LI8ZW92D0yp8JKdUh3ijGIXyHSE60SOd7AIDFvB9bPmMjAGIUDXe7aa0VviYuuKiG6HJTmbK1JgKdK6B2j0Qrd2Hb7LTxnMX688hNVbLJXg6aPvRP7ubpNmSJw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"441-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d5fabf56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/893b5448TeKnX.svg

104.21.32.1

200 OK

2.2 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/893b5448TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
2.2 kB (2217 bytes)
Hash
6088261f72b5ce3642b5cec0eb113793
d132c9f520c2a5b4a724c5ecb2e8fc4f4f45fa07
2a7560f8b14ba4d21e129f29758c750aca7787cff99c49c1c05c389d22a15457

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/893b5448TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7Y%2B2vkLGJZs1tT295EYGaphjk3IsvWnTPY%2BKflJ62sosMrvDTia1gQwtQ1ky%2FaqNcFOv%2BDa4XiAk4sVBhDC%2FK%2BFbUHLqGAHCtviXxV63tUB5KxNeecWhES1Bg1G9dnK1oncn9AM89ObtPs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"8a9-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d67ae056a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/b2728704TeKnX.svg

104.21.32.1

200 OK

1.1 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/b2728704TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1121 bytes)
Hash
4554cbdb5e84baf194db7efa63951371
66719fafdb1a0a831b647addd645607f0449adef
7e7cf980806d79cc11f61e846573b77d601c9eca47cbf1b760a072c66288e8ef

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/b2728704TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUQPI81ohn9AUKRX7wXM6K37jsuvNphAfSV5YbTNhZUbW%2BjseDdwWMNrHxc6l7fk5cUM3sTWQdjey%2FhNJslWzb8aS1HfTI0kxB3xIC6Z5Mjwjo9kJkMgAPPEDE9yorSzQzfW5iRP34z94tM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"461-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d67ae256a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/78d59236KXMp5.js

104.21.32.1

200 OK

35 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/78d59236KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, ASCII text, with very long lines (35025), with no line terminators
Size
35 kB (35025 bytes)
Hash
6522e60f9822e53e09a7eed80d7a763a
82ce9d143b9e9ed6bed370e0906cdb3b3c4847cc
1dbe4d7cc001b0da4fcabdd95aa562ff892f7a68f311727aff2092720b77e735

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/78d59236KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://informed.deliveryqji.top/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nDQUIrLamSBBnrYPXxWDAN11j45r4X5u0WVtoRw7YDyvg44%2FkjpetzkhE00BMugoqln0d2eTYQrRxNDctbHcG4Xu%2Fwb%2BHolTQVHk%2BsJQKvsELovge687GBd89I%2FqIPMvVCwBMY0Jdx0odK8%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:24 GMT
etag: W/"88d1-190b57e2ec0"
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 8faa52cd6a9856a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/8.svg

104.21.32.1

200 OK

1.1 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/8.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1078 bytes)
Hash
4eaba35653e775df78f96942d040dcc3
f5fd90e8f32041520795f0c82a1652124a02f93c
08f3c04fe589387977fca30dc02a87bf42ce3c066fc28c1071be412aaf9cf852

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/8.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UzR6EsDJYlK%2FO0xe3JvoKSoN0hrra5PmzCVQ7v75cF%2FCUEhHr4ogO4XvzFgUKiZ808YPgVQ28l4%2BHEpYmbHegf4aV8sK3jPo197RKKkTAXPP9AokEF2Q%2FyQIStMUf7QvPabgSsxo1m%2FuqZ8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"436-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d60ac756a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/d4b14678TeKnX.svg

104.21.32.1

200 OK

3.8 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/d4b14678TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
3.8 kB (3837 bytes)
Hash
cab1a9ae2b54c2e9db2bb305fed13526
b77e48cefbe7ab771603bf6cd2ae5df451f00983
0323e3701552df9371a1eac83efeffbb2b1a49f48de0ba6193037072ef86f886

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/d4b14678TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BSn0uUtcrOu6UMfc5OVP0hmZCtQPoKEtCvqOVT9MUmwe8ciWJR6ud1hCjM9uBvXcKW6AbKJJu33cRqmbJoSPUkijYWuRFzmdciIHNlR97qzDN0PRYROFAAWANr1qnPmHnzDAuOfwkmGJ0eQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"efd-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d66adb56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/8c84efd0TeKnX.svg

104.21.32.1

200 OK

2.5 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/8c84efd0TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
2.5 kB (2535 bytes)
Hash
c0b073578837924579ce25dc32d69c37
9b6cc85096bc4c634fe5625c7f399a273fd468d1
f6b5598453fece3bdf76222a246cc73e36d5df1896420a35a3c31c3b58cfa2ec

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/8c84efd0TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ft2KCaMgs2zqcm3vimFjyTndoxyZPa84cefCOjMhv%2Fl31PrMcGN8Fv%2BSJpnwlm0G6HydK%2FOiWGgXyxiycUtSNRyCj10mgmdqJrwkRAtxFND8bq5Whlfm9bejMJAOxy1hR4VDi%2F5sKmWqd8w%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"9e7-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d68ae556a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkGAw&sid=l2B885WWkTrJl3efAm11

104.21.32.1

200 OK

98 B

URL GET HTTP/3
informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkGAw&sid=l2B885WWkTrJl3efAm11
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
ASCII text, with no line terminators
Size
98 B (98 bytes)
Hash
166e42f4c8b223105456b12d23f7239d
2e443e1e893080677d47db9e0ae5733dd4c82c74
ff6297a5a6fcd3f2ef768c1f7db0007720cdc2c47597874926cb56ead0ead79c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=4&transport=polling&t=PGSkGAw&sid=l2B885WWkTrJl3efAm11 HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: text/plain; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fKq5fMNJiqaCf3nYQZ8z1Ml4ZChb8qFPCPZjENKI1y1F5hdowoXeo0uQMtHCRfloQsgxgz%2Flc%2BrRXezH5lpJ5jyAkbLK1jRfobdzIqc7NU0y7ekgGIA1mmie5iy%2Bm0IhcvflcdT%2Bkm26s0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8faa52d79ae956a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/6.svg

104.21.32.1

200 OK

1.8 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/6.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1827 bytes)
Hash
7e63b1510cfe1e7b2e2c00dbe7b48f49
7b13f782d0ea7d101e612cab914da1574180fa76
3bfb113a66658cfbfb3238b0210f43d4e564d7fce174ee72f3ab8d3b8b3cff41

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/6.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wr20ZXTOLMHKUiR6uQcwZINocxiM9I4T%2B216tA5tdceKVyBAvcTsDISUcal93UASHLjZ5sZfOFSwYPsIUOdC2Jug8ME54MKEIp2eg%2Fp3FejBG6SQ6odgMy9AcEnfMAdT%2BeriadokNIWH2WI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"723-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d5eabd56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/e394ed97TeKnX.svg

104.21.32.1

200 OK

1.4 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/e394ed97TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1439 bytes)
Hash
adc46fece8cb7fa2268d489fa86edf4e
c6908597485c4fdf41911b4fb4b329cdd74d216f
32d73366a7a92a7d47c4edb18390bf63a5c9c45ab3777e17672f22fd8a99ae50

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/e394ed97TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zOxUf1sQNcmDWXLR32Xgv%2FTRBi4GYmJS9r2TprL0%2BD1ZuojCRUtNq8GIi0aZhjXt5BUSO5Q9RCDnj0f%2BTfxplIHKzxx99gliYqoV2GKEthEXqpoGogcCOGRCjrAy9ZDv1DSK6qi%2FGy6RnHU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"59f-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d66ad956a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/index-4b020bd6.js

104.21.32.1

200 OK

505 kB

URL GET HTTP/2
informed.deliveryqji.top/us/assets/index-4b020bd6.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type

Size
505 kB (504970 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/index-4b020bd6.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 12:37:52 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:28 GMT
etag: W/"7b48a-190b57e3e60"
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZMhJ%2BUnlOmpGXqQXiTI75ptjWrJjl9Pp0Y2uXcMJNAqDoFrADJkj%2BmSrV5KxVDbAoExFxdfShSac9Orih4bxIJK7vJSBwsfHTd2f1luSsEi9TKybAfG3MXm4anO6Jo6P1JdRIiwIPp0oo4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8faa52c6cabf5697-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1982&min_rtt=589&rtt_var=1962&sent=13&recv=14&lost=0&retrans=0&sent_bytes=5565&recv_bytes=1380&delivery_rate=5271844&cwnd=257&unsent_bytes=0&cid=7eaeaec99ac4c037&ts=950&x=0"
X-Firefox-Spdy: h2

informed.deliveryqji.top/us/assets/09bf01f8KXMp5.js

104.21.32.1

200 OK

2.0 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/09bf01f8KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, ASCII text, with very long lines (2041), with no line terminators
Size
2.0 kB (2039 bytes)
Hash
1e67c34def61211039d07f517c83995d
b940591f1579c910c6ece5db3365243e658d57ae
86d830a07ff01225b0d0982ff6ef1cee81dd4fc62ba9793e65e4e5dfedb6962e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/09bf01f8KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/78d59236KXMp5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pI1kPfIx7M3VSnzdLOuZ%2FnfVwYkGKebc%2BSE0cxUvW%2FPiX%2BLaHk60IvenKEMMOARiZIj9Km3PjZ6%2B2bjIn42XUVQYH3bAk5uPZIbrOaqyyO6Qbkf%2BUDenOhRM42kGZIMabxEXd64%2BwF6%2FXaM%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"7f7-190b57e26f0"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52cf1aa556a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/11.svg

104.21.32.1

200 OK

1.7 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/11.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1745 bytes)
Hash
75fbc53b9d4eb2955ef50ccf6c387f67
eda619e26b809ca623a9cb9bf9d5ba4820296ed4
57ce21523db601d378fb02cdd6e29a6eb175db9fa2c9355ca899a5b3f1886bb7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/11.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1vdy67zweoMNKbp6vpGCO9NFpEkLcGQLE7YMYKO3UwzZbgjBP2Ea9KqqhgTRVeDO0oUVFEcOoobkYq8%2BjMk9HRvaJ4WHJueBmAwgk3E%2BOzk7Bg0HvjQs%2F1xIRQwspp020V%2BRyhTYN94%2B2m8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"6d1-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d5fac056a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/10.svg

104.21.32.1

200 OK

2.3 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/10.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
2.3 kB (2265 bytes)
Hash
f0a90ef52b3dfd5638b72a9da1f5d65d
0cb3db14b5f42ee563d5fd02ad6c0ab62009ad4f
257c154b2024b6a623fc1a2edb3450f4dbfb4d0d9311c2129fecc95e3bf6e496

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/10.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5InPNpS%2FnnhY9dY30FPmcp0n956QO7bmCuvuqkKnsW6MYfKJ9SpovNZ4SgF7xtwRYrYOGSVmeF4Fu6Li3WH0CkDegsIyetiA5BEo5R1l2h3Ol1ljBh2OlENddpekKNHhfTf09DqBm9MW38g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"8d9-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d5fac156a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/22.svg

104.21.32.1

200 OK

1.4 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/22.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1423 bytes)
Hash
727843b155e8d17b36470433c75142cb
0b2b7de329b80ccf5ea8f2ed83ee76a9d9826cc5
622ab2e0b23aaad32666deac865b6d4993799d91e4f1fd831cfd12113723c6b6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/22.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZnH0%2FJ9wXJlzXJYssFaOUB7SGU8t13TePOcEnP9hsvfzZaITxruB9Zd6DOAfrIzeW72j6AxlWw%2FeEpbliH71Ov6K4haskmCy%2BT9uETomN0cbzfYraoLYvWmGvhu0uEBDO4vzsO0H0UlVr4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"58f-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d5fac356a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/c27b6911KXMp5.js

104.21.32.1

200 OK

1.9 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/c27b6911KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, ASCII text, with very long lines (1898), with no line terminators
Size
1.9 kB (1898 bytes)
Hash
7b8a6e4236805e691feb4a0ce3d32b66
2c6a3cfdb67023aafd19416ee94d384763c8b326
cc1f2b610f9de09a9d04b94b34bb5307cf831d2abe943ece7aaff39516dd1a70

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/c27b6911KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/dc6d90ceKXMp5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THFVE1AP0IIo3KTOar8vCyNQ34mLoHS%2BOzTchRtUkn1A6F4j68tpJkf4nQKyxueuorRUT7%2FbNLZ4AMTHnnGQqBA4ijWBEPE3RQzIyvs7ceZuVSL9KHNNXy9Bm%2BSvrTNlgCIYylNvXmGmYpg%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:24 GMT
etag: W/"76a-190b57e2ec0"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52cfbaa956a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkF_v

104.21.32.1

200 OK

118 B

URL GET HTTP/3
informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkF_v
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
ASCII text, with no line terminators
Size
118 B (118 bytes)
Hash
050bd18d370950b70a10332066d3ad08
7f27c72677f6c8fcf1001cbdeda052482bd2841d
8138db7d6ec09e86fa68482bf66839f0aedeff739cb85ef9ce6d65576a5b605c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=4&transport=polling&t=PGSkF_v HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: text/plain; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7cdG6OcBJLAxHCQU8RwtFSOTneV30vncboLkOqBt2G9gYLvTqPKBt2yhYX8oFybePU9gSoruaSBkX0oyqAB6qFaq02A1IWz%2FPJOIbvf6C63w5YnxJbNrllU%2B2CsLTl91EU4QILBONHNQRU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8faa52d32aaf56a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/46.svg

104.21.32.1

200 OK

1.0 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/46.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1048 bytes)
Hash
b261882670880b12630bc2ba3cacacf6
f038fd9b8ddc5583936c10c1d7333362ade9f08c
a2c5dcb1002516acba4498038a486f417d2ff87c4884c3a518fdf5fdf8903337

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/46.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIFYIx%2BlT%2F1BlajPoLH5wpT0bne7hcPyxk1ilG9xXnGWj7qVKt%2B1wtQiOGJPordaOGj2LK%2FCGZu2DKNLidtybOLqH6LraI0mVEQeaUm8gHEMnQCyeQBAKUNM51Vp4qG5HYmpCwXkB8g2hq8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"418-190b57e07b0"
age: 0
cf-cache-status: HIT
content-encoding: br
cf-ray: 8faa52d60ac656a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/0cabecd3KXMp5.js

104.21.32.1

200 OK

115 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/0cabecd3KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type

Size
115 kB (115244 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/0cabecd3KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://informed.deliveryqji.top/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=93b%2FIGgNrGsjjb4X%2FRjOzPGDE1aoCDKCNy%2FUAKvXZw2caJRW5AosIPTnYBnG8Kgq7QMjFiasW%2B3FQktTzSZdFtBbZZrONZGQmd4R7TIYGkCLZ40gKekUuiD%2FSbjcSpyV4OlwVcKd1ykQHYY%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"1c22c-190b57e26f0"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52d33ab156a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/45.svg

104.21.32.1

200 OK

2.0 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/45.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
2.0 kB (2013 bytes)
Hash
d9f55e5242bd0235b9e2b40639888bb0
e489c2d6ea26a51912325500c39c29b97eeebb11
5c8c19d751e128afc3d211a09f7c4fe814fc9941f3968248edf08a59293df2e8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/45.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVUpMhVTzJ9iPiDh3SypMlI3oLAJqV6zeqRc3nFF8hAALorbmJuM1YQazcTExfXT0n9Blyff2Waf%2Fkpkv8wgpSHz7OTYES%2BlTw9v8S0z%2FBqJEuHNrud9hDvEt%2B%2FZHWeZ4QwfuLKWbnJvpqw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"7dd-190b57e07b0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d5caba56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/13.svg

104.21.32.1

200 OK

1.6 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/13.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1616 bytes)
Hash
3fbfdb86318f5a17fac959916ca3a0c8
3aa3143f9e052e1fccc76066e0943769b40d5049
d35412273fe4fd942290541e39cf424a0d55ad086e8aee6787f40f6b0fe65d06

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/13.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fx4SNalrxVypx8sXYaoU%2BEdd68dyrffjhtxv53p%2BaZzJO2as9n2%2BhoWzi0zi0WzkOldRbARNVGHxckFeHLk9fVhxuMm13U63JRB04xFgIet0vnhkv93G6brYovGqLMpVF1HYewbbdgPcrQQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"650-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d60ac556a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/6cf75c4aTeKnX.svg

104.21.32.1

200 OK

7.3 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/6cf75c4aTeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
7.3 kB (7250 bytes)
Hash
944c94e9337e36b2b7c635b3dc58f412
d5df68ef3a86a77bab9c04cdf0421bb318684ef4
82df13ac820703afeec658c51e401dca102af5bc99f31edc61d51f0ce7586943

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/6cf75c4aTeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FU3wFsFQo175JeABvDEfOP4Xh8rVRElvtI1xShiih4GnDTUYzfeFUThfFIyGOsIDfFDJZ5ndLZAwtdFXwt4EMA%2BGZKXszDfbMaBpBw79Echq2mQgz%2BWesS%2Fee60RlK%2Ba%2BIMw%2B4sXvoTaZ7Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"1c52-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d67ae156a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkG5c&sid=l2B885WWkTrJl3efAm11

104.21.32.1

200 OK

58 B

URL GET HTTP/3
informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkG5c&sid=l2B885WWkTrJl3efAm11
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
923d3329381a0ced3b567e76cd26dda3
21274fa7c09002d734199c240ff6bc48a2445ede
829398e85d96f5b9dcc3cdf79bef05c85bfdc8499a143e05520980377605cb63

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /socket.io/?EIO=4&transport=polling&t=PGSkG5c&sid=l2B885WWkTrJl3efAm11 HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: text/plain; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tvm%2FqreuzIasvr28ZUF%2FofPehX0azckVpcicVowVD81%2Fi%2FPP8YsqxYa0xF68OHFn0DZWAg79smFd2tUgKx8IshQq3ZDSuGih5KTg20IuI5%2B9ikEmqtb%2F0vkeUaI0P2LCNDAfahFBcahyZOI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8faa52d57ab656a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/43.svg

104.21.32.1

200 OK

3.5 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/43.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
3.5 kB (3515 bytes)
Hash
e98a829d822d9757dcc5923a66fe6dbf
6a1bd79e3461ba2f61d5cdc37043ee951ee26206
adc47400701f0bb91f2867dac269f43e50d126f2568b1aca608c94bf3071f833

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/43.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0ikp3najtGz5PGm2T41yIkicftHPqOEvDKf2HkkkLUBixvDhljznwxBgZo1vayzL9zEw3skuFDSEnvO1Yzqjz1Imj6uFpaftKN7u7%2F5%2BLJ5af50ELD1ALzATmOIPySuupQWsv1CpVeNy%2Bs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"dbb-190b57e07b0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d5cab856a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/5.svg

104.21.32.1

200 OK

2.6 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/5.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
2.6 kB (2550 bytes)
Hash
1b5b1564dc7d347e94f95d466cd4c281
f8892f8f9b12974f5b64f3d2766bbde5d2c1b4a8
39902a2b14fb1ac93e29e4ce341ee63b0122c2edda55bdb0d177d332072ff276

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/5.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1W84SUsX1BPPd0i4Vevul3r%2BzgS8g92W2pdSvpEUFMkT1CNE2%2BtGQR3%2F0BgKNwNPf5YMcBPYXHbIcKi9u5hTS02FtyhCOzWfH7hy7h5isPZ0PuCx2kGXpBtYlWY11ObzixEX6wOiVOX9txc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"9f6-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d5eabe56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/12.svg

104.21.32.1

200 OK

1.4 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/12.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1445 bytes)
Hash
2be58c9af1e43a6af20b35ad6adb222a
360f010f66126d5a96aefbca3ff18a328ef55fde
68e4484030a1d6c6d0fabf32184431740b99c45eaf0cfd6a4bb6245cc7136dc4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/12.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tb8SfxjBT4unWSmRM5gfBAlYcfz5n4iup7N%2B59OMOb9yhts4K3TUmoTxFmI%2FIFVE34UcIDaaO3kQ4nxbO7Tn8v4bQFM%2FtxQNKuszgaGsXJk4iObufwpEtiWO9gnRzZAK2IHwv3nVd%2FdgcNI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"5a5-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d5fac256a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/5acd8d5aTeKnX.svg

104.21.32.1

200 OK

2.3 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/5acd8d5aTeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
2.3 kB (2340 bytes)
Hash
b0f4620f8bad87c3d6539e062a051e2b
5b4cd2436145c4df21c70adb0ded58732340516b
008fd90eed6241429dcda45567c33b8e42dda08cadc4ee37c32b829578fb3d5d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/5acd8d5aTeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RIXdRJ%2Ft7KryoPDeVh95z%2B3x1EibdkM5cAXFWfg%2BfzALBW0Hu0dPEDldQXjEuGJLId2I4swyb3whI7VJ%2BTPnAkHYH%2BQIi5rpcL4l51qscqb93c0iLVDUHmqa7t%2BbnhfF%2BrdQha0R4tc4L04%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"924-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d66ada56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/986ebc6cTeKnX.svg

104.21.32.1

200 OK

1.0 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/986ebc6cTeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1006 bytes)
Hash
d5e000eef8dcaa68cd64f751ed58bbe1
ea5f010cf037aa26788ee74d0b93431f769c99c5
bd96da0c1c77a63e3eb4d350d786cb53debebe069efd91879f62ae24362fc53a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/986ebc6cTeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0MIsq%2BQ0vf1SBw3o9B9pm8%2F58oXJYF%2BtEff7JsJCvBFjh%2BAWUHf1cI6SVkuL2xJwE%2FpOxHJkGEcCNCSChue4exFl99i%2FDoUcJ5FLaYG%2FxhJohFZAc7jmqpuCzQJtIMQLbxNdhltlKjwLoII%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"3ee-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d67ae356a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/f0ee2557KXMp5.js

104.21.32.1

200 OK

53 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/f0ee2557KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, ASCII text, with very long lines (52436)
Size
53 kB (53442 bytes)
Hash
a43174260c57c600a93e9785483ce823
674dc958475b7438ba5c2e623879e6d9ff2a82fc
ca68702aa3ea8779f34864cc6285bce454103a111c1255cbf22c9e8dd3292aa5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/f0ee2557KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/143268e9KXMp5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:52 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3M58fPCm7RAxijsDyq6TwnW%2B%2F%2FHLIUtpxEcj11baPog2PMhV7e%2BXQywKTmddbWyEEeKKHAbZ3r3et4PinObMh3c4Fp9h9UXUyw7LU5QO1C92Irqcr%2BDe47EqfMvwDVZo%2Bs1unMGVhaffV2s%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:26 GMT
etag: W/"d0c2-190b57e3690"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52cd0a9556a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/62ff200fKXMp5.js

104.21.32.1

200 OK

70 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/62ff200fKXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type

Size
70 kB (70095 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/62ff200fKXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://informed.deliveryqji.top/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=diMJX2xnvA%2Bcn2yM6qSVE3AOv97vnzKr%2BDpMlAQA2k3WrfzgygElfH%2B9V%2F5%2BHwiizcz9jyZPerKRTPhpflOHyAy7MPGjsoQSltjUzXZ6LYk6yaaiMAJGpDxJItiNr0Dgq2syp57z2o85YSc%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:24 GMT
etag: W/"111cf-190b57e2ec0"
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 8faa52cd9a9e56a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/index-4b020bd6.js

104.21.32.1

200 OK

505 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/index-4b020bd6.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type

Size
505 kB (504970 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/index-4b020bd6.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://informed.deliveryqji.top/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:52 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRYZIbvbu%2BafRjSP1Jgz%2BE9QXniTWy2ihvLqXulqF%2Fcf%2Fo6itc4glNFLrXbuc9oemWkcIwYmhjHmQtimJFOsOh6c2Wyn1J%2FB0idpB22zrO9H7EZPRi6YSCzxTeNURXXKKqLszT4u7KqGw5Y%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:28 GMT
etag: W/"7b48a-190b57e3e60"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52cdaaa156a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/f0ee2557KXMp5.js

104.21.32.1

200 OK

53 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/f0ee2557KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, ASCII text, with very long lines (52436)
Size
53 kB (53442 bytes)
Hash
a43174260c57c600a93e9785483ce823
674dc958475b7438ba5c2e623879e6d9ff2a82fc
ca68702aa3ea8779f34864cc6285bce454103a111c1255cbf22c9e8dd3292aa5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/f0ee2557KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://informed.deliveryqji.top/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:52 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Asq3v4f1l5vFvakf5YEGHf9u%2Fh4%2BMYXTH9xcu4NkhBWykWuCi6KnzrycKX64rL0y%2FZgiuPv0Tvt%2BEHRThaf0YIjGWtFrkI5JtUEIEemeitZpd3YTpIQ2FnU%2FbD4Y%2FhpjmWjQ3h6j8bXeRa4%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:26 GMT
etag: W/"d0c2-190b57e3690"
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 8faa52cafa9156a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/favicon.ico

104.21.32.1

200 OK

32 kB

URL GET HTTP/3
informed.deliveryqji.top/favicon.ico
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
32 kB (32038 bytes)
Hash
3f0f72ed57a54b97cda500bcf0545efb
2f252619c18e729d98e16b96d37cd7cd567b38eb
67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: image/vnd.microsoft.icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFszt9DyusbKrh9XgbJBPnPXMSkTSusJPlWwvckcqs41a4PkFSk4i30qJ7Q00KtAhAYUDOMSQkMa1yZtMPhxr17mp7AwCpr4BGh3h82QBrtSnwX0DGDD1tTvksv7freOhNv0%2Bdm0UMXSBqs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"7d26-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52cd5a9756a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/44.svg

104.21.32.1

200 OK

546 B

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/44.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
546 B (546 bytes)
Hash
877d4644f0a505bf30be77169524e441
d85faf0831fb39673ad3733ad6ecf1d8bac778cd
2336a119dddc7aa4b6d54a4ecd251f5a30cf0572816db55b92e9f0b43ee63ecf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/44.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tSg2JdmfqPM1n2I7qKgPBFm3ecKVF1c1CNiJjdfrS9Wdr4d87vbYmoWhs2lZBbPgPMIK28Os3wo53iJwnY%2FgaOqM0H7kbuvq1vgze16%2FRi3tkY%2BJNdrI6y6TNCYxtzzCGNpgmoBK5mMfNC4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"222-190b57e07b0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d5cab956a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/layout/images/2.svg

104.21.32.1

200 OK

1.4 kB

URL GET HTTP/3
informed.deliveryqji.top/us/layout/images/2.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1439 bytes)
Hash
adc46fece8cb7fa2268d489fa86edf4e
c6908597485c4fdf41911b4fb4b329cdd74d216f
32d73366a7a92a7d47c4edb18390bf63a5c9c45ab3777e17672f22fd8a99ae50

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/layout/images/2.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBiEbxflu2NzhC2cOXc0rUOjJyO4%2FwMxiHNeg1I%2Fro2QW%2BM72VZ9tkO8X76JsyijnbbUfLPmthPU9gLnLFxFwedpnXruhDFJGiePlcUC%2BpHnW5fZwt1b86MJJkAocHb4ITuCcxA6t0BK0iM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:14 GMT
etag: W/"59f-190b57e07b0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d5dabb56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/e65c6b17TeKnX.svg

104.21.32.1

200 OK

2.6 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/e65c6b17TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
2.6 kB (2550 bytes)
Hash
1b5b1564dc7d347e94f95d466cd4c281
f8892f8f9b12974f5b64f3d2766bbde5d2c1b4a8
39902a2b14fb1ac93e29e4ce341ee63b0122c2edda55bdb0d177d332072ff276

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/e65c6b17TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fh9fwyWLoJS%2FWFnQKzBMh0s9QCMNwc9UU57VC7flaHc%2F1QMucHkRPyzadmQGi%2F8OlU3NXkIpe8KdQ6ck%2BNL8Zf5QQXoJrtwht%2FX5Zm6uthrlM53tePyvHUNTkHQdgqHhP4U9dfa%2FIQnlCR8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"9f6-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d65ad156a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/87f26b59TeKnX.svg

104.21.32.1

200 OK

1.8 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/87f26b59TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1827 bytes)
Hash
7e63b1510cfe1e7b2e2c00dbe7b48f49
7b13f782d0ea7d101e612cab914da1574180fa76
3bfb113a66658cfbfb3238b0210f43d4e564d7fce174ee72f3ab8d3b8b3cff41

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/87f26b59TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FeZ62KNjO12w9JgJZ5RFbMQq4FhE%2FWO%2BJG%2FT2DhGovf3Eu1xHlk21OPoJcum2At2BXqFKPNujgSiDNZAVEGPFl3MMXPfz04804MT%2FIRJXRWMTnlilXIJ1G8kpQeVeqvdfZWCqtqyR2NxB%2FM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"723-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d65ad256a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/da2e0f69TeKnX.svg

104.21.32.1

200 OK

1.2 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/da2e0f69TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1234 bytes)
Hash
6908931641755e0439879badd7d60325
bb620d016ac952020b5a234e5cc1448c11d0fce7
db9835eb4a5a2c0a97c5dc0982f7be2281e727322699d8a1df3b2a4155ea0f37

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/da2e0f69TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4bwUzIt%2Fi2pkDmhdTbMxII1itnCezWYax45tguZGLz6MjtpqysdA0RwafxkQELJ8eEAJgZDgMVzz72vBDTVLki5tpHC9nsTWgoRnKHUJbBj3mcxRDQyZL3fNzMIgey84qVeoXXpksnroKao%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"4d2-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d67ae456a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/62ff200fKXMp5.js

104.21.32.1

200 OK

70 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/62ff200fKXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type

Size
70 kB (70095 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/62ff200fKXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/143268e9KXMp5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8dFYndiR12XUfABQJl0N%2B97ZbYg9S8me2JsN6A6Upi4%2BWrYNKPdNXNeRX8Ay9ViXcxClrixfKYhOQHxphGvd3nELM9ia1Mqm8QiBv9AcGWas4X%2Bwse8HFDaxV36WM%2Bb2t9ewq0EIg3w3Nco%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:24 GMT
etag: W/"111cf-190b57e2ec0"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52cffaaa56a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/3213f1cfKXMp5.js

104.21.32.1

200 OK

112 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/3213f1cfKXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type

Size
112 kB (112045 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/3213f1cfKXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/78d59236KXMp5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BdOk%2B33uSFZTRIclZuVM7%2BxdFujUC1viJmQDND6XKpdhHX3Hfc7OL1BGyt9RkW2YkZUK9ugvmtI8cxdhCMxA6L7tgGcMVDvqBLPvWVadfDAYEK83%2FJpcWF655UAvqSG6srmIhySjCMDdXm4%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"1b5ad-190b57e26f0"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52d07aad56a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/f4397cedTeKnX.css

104.21.32.1

200 OK

400 B

URL GET HTTP/3
informed.deliveryqji.top/us/assets/f4397cedTeKnX.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
ASCII text, with very long lines (405), with no line terminators
Size
400 B (400 bytes)
Hash
9989297b8d9582dacec12f0f83ab4e6c
703cf29c940b1a67f9ccff4f9a54318580771e62
790b7e56049294d1cdb8e9037875e82f3aade75764aace0a98d76b0f5080cad7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/f4397cedTeKnX.css HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3g52z89U7Y8uAHZnZFtiRwan4Y3fi1c8xo8p72TdB8Or5MOk0Ab4NjpuHQrZwfevGbs8oYzxcJckH4%2BnDwHDeUlWI0fLCbP6M6pP6z9qAYhgN6KQ6KTlNgfc%2FE2GnQ47xryF6mS9R6W8Nqo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"190-190b57e26f0"
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 8faa52d33ab056a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/23edd9acTeKnX.svg

104.21.32.1

200 OK

1.1 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/23edd9acTeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1078 bytes)
Hash
4eaba35653e775df78f96942d040dcc3
f5fd90e8f32041520795f0c82a1652124a02f93c
08f3c04fe589387977fca30dc02a87bf42ce3c066fc28c1071be412aaf9cf852

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/23edd9acTeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6zEe04sVea5TwHLJFjjBNK1hb0VHOXK0DcMQJ7FMY6QeDxMRauvReby52LTD4n3cjMFfSKs6hNJN1rkPwxtAZeFQB%2BrxLUaD37H%2FlWNGSyz2i%2F5b%2BhV2Q7S%2FdqWDlsAnBtKoP%2BCrN%2BYx4rw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"436-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d65ad356a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/c97621ecTeKnX.svg

104.21.32.1

200 OK

1.4 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/c97621ecTeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1445 bytes)
Hash
2be58c9af1e43a6af20b35ad6adb222a
360f010f66126d5a96aefbca3ff18a328ef55fde
68e4484030a1d6c6d0fabf32184431740b99c45eaf0cfd6a4bb6245cc7136dc4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/c97621ecTeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FaWKO34F2quYM%2B7SBgrdJiDoPBCtzU3re0NmDlsy%2BvKVNc4np9pPakCvZ5zhE8ge6%2B6HlerdmGAMq0KVJuNR%2BtxVPSJ5WyiL2%2FFHdqEVcU69TGTdeTEuYAPOaLazqzMiXLjLe9%2BQKEhl3bk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"5a5-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d66ad556a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/09bf01f8KXMp5.js

104.21.32.1

200 OK

2.0 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/09bf01f8KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, ASCII text, with very long lines (2041), with no line terminators
Size
2.0 kB (2039 bytes)
Hash
1e67c34def61211039d07f517c83995d
b940591f1579c910c6ece5db3365243e658d57ae
86d830a07ff01225b0d0982ff6ef1cee81dd4fc62ba9793e65e4e5dfedb6962e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/09bf01f8KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://informed.deliveryqji.top/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtJ2w%2Fg08Fh44YeRP%2BqFbr2GjJ5YVUIe81uAlp58jOAkYmTHbJXBcGhiFUvxeZIPm6kJWUaICYHvWCz%2F%2BkRudzsAS05YvtvQ9%2B29EYdnXY%2Bkb3PoWSFKj8frWepNoCmDWlaCUxqm%2B59Ff7s%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"7f7-190b57e26f0"
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 8faa52cd7a9956a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/4cd1ec68TeKnX.css

104.21.32.1

200 OK

323 B

URL GET HTTP/3
informed.deliveryqji.top/us/assets/4cd1ec68TeKnX.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
ASCII text, with very long lines (324), with no line terminators
Size
323 B (323 bytes)
Hash
a052a1d0472d36e588c9963137119181
78359d83335fcab1486d17bc8cb76c0af2d33d52
06f159ae6d2f47d1e349c757a4fa6e45fd4ec4961c9d705831b0009ed26d67f8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/4cd1ec68TeKnX.css HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJmEIUxbxnG1yniVpg0AHH%2FOYmywNQCIXU55yrwCdSrC2%2BFaSeGYg1A%2Bcg0n8XaGpI6neKOx2W8i3OlrvFzmrCJCqJLsybVKC1XPmDJbTMnTG0jnpJiwrlxSBsnY0AOULhZUOUvOHzkxq9c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"143-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52cd9a9d56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/dc6d90ceKXMp5.js

104.21.32.1

200 OK

6.4 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/dc6d90ceKXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, ASCII text, with very long lines (6413), with no line terminators
Size
6.4 kB (6351 bytes)
Hash
f571abec62ae50302f280f303e8a7c69
15dddf2a3f9907f79398cf308219dc061ae0b2c3
018fca074a2cbc04cc219bdd810582e81b035449bf4d0ba4e6307e00c38aa3a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/dc6d90ceKXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://informed.deliveryqji.top/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Txhb2uagHzBNmETZ%2BcHOQD1Fs2xYBHlrdbU%2FuTDC4FNVBMyUVHbPu9OroU%2FIm0zm65iRLZZVmkT8vD78EC31AwGTEQGAhX5TOPeij%2FBnOBOdV%2BC6qrYsGvV03BGgID3B0FH2oFMnt42Puts%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:26 GMT
etag: W/"18cf-190b57e3690"
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 8faa52cdaaa056a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/f2e2ef63TeKnX.woff

104.21.32.1

200 OK

59 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/f2e2ef63TeKnX.woff
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
Web Open Font Format, TrueType, length 58690, version 1.0
Size
59 kB (58690 bytes)
Hash
a6e2d3921c9ea0fd81897d9ae7a33ba4
bc31969f2fb1926a15cd678b3e573c37a44e5421
f2e2ef638dd9aac863f0f6027ceb784cd4c5a14a676bed909c8f2ac4b088d510

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/f2e2ef63TeKnX.woff HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: font/woff
content-length: 58690
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HZldMAiHZvsey8d%2BHSaEOts06POq2ba55T7E6eKFgWSXSLbXx9CIBNi3F4QTbfaikIZf3u8yAk6gjDsYc0l2TR1QOubogaFjB%2FeTAE7mRiq3%2B%2FIBUHiXPu%2B08BS4OUBvvLoccd%2BXpxJHDKw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"e542-190b57e26f0"
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 8faa52d00aab56a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/b198e353TeKnX.svg

104.21.32.1

200 OK

1.6 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/b198e353TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1616 bytes)
Hash
3fbfdb86318f5a17fac959916ca3a0c8
3aa3143f9e052e1fccc76066e0943769b40d5049
d35412273fe4fd942290541e39cf424a0d55ad086e8aee6787f40f6b0fe65d06

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/b198e353TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FwerFr5GAP10eH%2B4GgBZ0YlV7MqUn%2BsSyPsXaCneKR0PWyHi%2BNt1nv%2FlDX8%2BKRZ6ksE2juIgRjntkttQx4B1NZPFtLpRYqmGV6z2rCe8DV0E78Dr0ebhEI5cwb%2FLv6LZ0Fx6JWixHA1DGYY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"650-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d66ade56a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/f6170fbbTeKnX.css

104.21.32.1

200 OK

952 B

URL GET HTTP/2
informed.deliveryqji.top/us/assets/f6170fbbTeKnX.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
ASCII text, with very long lines (955), with no line terminators
Size
952 B (952 bytes)
Hash
22202f64cf3dec61aa53bcdabe5b2011
6e591422d97c2889814a35ec7d999326c539f6ae
15e956138611bd7864abedf3bc568d8a72086933cef15b6bf806e3bec21175e5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/f6170fbbTeKnX.css HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 12:37:52 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"3b8-190b57e26f0"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jbANly0wWcT9OFuLSw43jo5bdNIWa3CPoDJunHPCnttPTvbRlZ1wIJ3BeKe%2BbGhX75Uc%2FGQh%2FKlaW%2BgcKIl0FHQNJgqAfAjR2s4A7dm%2B%2F0h52AtdI6suHU46NqOO8h6N3yENmiQScHZD5Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8faa52c6cac05697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2111&min_rtt=589&rtt_var=2271&sent=11&recv=13&lost=0&retrans=0&sent_bytes=4599&recv_bytes=1380&delivery_rate=5271844&cwnd=257&unsent_bytes=0&cid=7eaeaec99ac4c037&ts=728&x=0"
X-Firefox-Spdy: h2

informed.deliveryqji.top/us/assets/0cabecd3KXMp5.js

104.21.32.1

200 OK

115 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/0cabecd3KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type

Size
115 kB (115244 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/0cabecd3KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/index-4b020bd6.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ugT8%2F4N9wtVp%2B2%2FReALZZUhpUzbgIeiR%2Bg663utcCX3E1whqiRNH3Q%2BZyVUAkGPb4jNHujqkudLOuLJEUqzdOsuVks%2BEgqmXLJntfH813T83LI6oHXF8917v3cV%2Fxsw%2FIzooY01PoAmnCk%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"1c22c-190b57e26f0"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52d4bab556a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkG5k&sid=l2B885WWkTrJl3efAm11

104.21.32.1

200 OK

2 B

URL POST HTTP/3
informed.deliveryqji.top/socket.io/?EIO=4&transport=polling&t=PGSkG5k&sid=l2B885WWkTrJl3efAm11
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /socket.io/?EIO=4&transport=polling&t=PGSkG5k&sid=l2B885WWkTrJl3efAm11 HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 49
Origin: https://informed.deliveryqji.top
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6TY1d1bS46RTuKn1hfrTaHDqwmI9CZsRGr6wxoF7gHu4O5yQREdL9cj0DJqTCWHE6%2F0xrTzkzj7viNadEzNQcVSMbt6QS5Y0396uQRew1fIcK5VWew3KyZv41q6XAqnpoIkESaNbzV4sIEE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8faa52d58ab756a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/78d59236KXMp5.js

104.21.32.1

200 OK

35 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/78d59236KXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, ASCII text, with very long lines (35025), with no line terminators
Size
35 kB (35025 bytes)
Hash
6522e60f9822e53e09a7eed80d7a763a
82ce9d143b9e9ed6bed370e0906cdb3b3c4847cc
1dbe4d7cc001b0da4fcabdd95aa562ff892f7a68f311727aff2092720b77e735

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/78d59236KXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/index-4b020bd6.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vzFOlam%2Bn8VeI8wdSsXOVuuQFI09nSwdd9KbgOeBx4G1XCVwWdPrdsia%2BXLlUCqA5vWnWADL7ozDMjJIVxzQmeP48%2FqgYL6P1egrHysQKbmrB%2FDmlns%2FkOu2%2Bpef9FJIef1G7aHnSwyd7Z4%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:24 GMT
etag: W/"88d1-190b57e2ec0"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52cd8a9b56a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/dc6d90ceKXMp5.js

104.21.32.1

200 OK

6.4 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/dc6d90ceKXMp5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
JavaScript source, ASCII text, with very long lines (6413), with no line terminators
Size
6.4 kB (6351 bytes)
Hash
f571abec62ae50302f280f303e8a7c69
15dddf2a3f9907f79398cf308219dc061ae0b2c3
018fca074a2cbc04cc219bdd810582e81b035449bf4d0ba4e6307e00c38aa3a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/dc6d90ceKXMp5.js HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/143268e9KXMp5.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:53 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MFvIHDA8EkQQnGvvqyc%2FFtTX2%2FoVFIIg3zEzrc5aGFus%2BadNWkhm%2F7c%2FZE5Kd1U6P5dn4xKCrSDenLekY7c%2F5Svn9x1t%2By%2FesoqGsG71z7sYPdE5sJi%2BMX4a98nYQDQt1vLcuoU8vbsjWOY%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:26 GMT
etag: W/"18cf-190b57e3690"
content-encoding: gzip
cf-cache-status: HIT
age: 0
cf-ray: 8faa52cf8aa856a9-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

informed.deliveryqji.top/us/assets/8cf6cd52TeKnX.svg

104.21.32.1

200 OK

1.1 kB

URL GET HTTP/3
informed.deliveryqji.top/us/assets/8cf6cd52TeKnX.svg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://informed.deliveryqji.top/us/
Certificate
IssuerGoogle Trust Services
Subjectdeliveryqji.top
FingerprintCD:99:06:A1:5B:52:AB:B2:5E:D8:D4:C0:36:94:A2:3C:EE:B4:51:17
ValiditySun, 29 Dec 2024 13:02:38 GMT - Sat, 29 Mar 2025 14:00:55 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1089 bytes)
Hash
cb279b7498da53b8d9de4f92707b61de
c7048b2cab8867f8bb184bb94a760a6365e22a59
f9ed6f385f4f1ba73bff3eff561b62cf39e50e9c5955623c5df2f297363c740e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/assets/8cf6cd52TeKnX.svg HTTP/1.1
Host: informed.deliveryqji.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informed.deliveryqji.top/us/assets/667bf194TeKnX.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 12:37:54 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f6VCpIIN2Iaa3gOkyY2NHOBWrT982BVaOhF%2FhPGxL%2BLnRX2EoY%2Bv4EuOGc2jiBEDyN5hy0iTDbgdTTa7xN5B4CgDVQKWHPISqXhfWx1PpJYQInpCpufT2JiZtpN9jaMmRK3Z21QaCplJ6F4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400
last-modified: Mon, 15 Jul 2024 08:24:22 GMT
etag: W/"441-190b57e26f0"
cf-cache-status: MISS
content-encoding: br
cf-ray: 8faa52d66ad456a9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML