{"report_id":"7be89ff9-84ff-4bd0-96ad-76d314d42bf3","version":6,"status":"done","tags":["usps","logistics","phishing"],"date":"2024-03-18T05:43:11Z","url":{"schema":"https","addr":"upsw.usspawy.top/pg?do=index","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"upsw.usspawy.top/pg?do=index","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"title":"USPS - Linkfly"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T21:38:11Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21 19:28:02","last_seen":"2024-03-17 18:21:25","alert_count":0,"request_count":1,"received_data":30584,"sent_data":410,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fast.fonts.net","ip":{"addr":"104.16.250.67","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":2905,"first_seen":"2013-07-13 06:08:03","last_seen":"2024-03-18 04:43:48","alert_count":0,"request_count":1,"received_data":847,"sent_data":470,"comment":"","tags":null,"fingerprints":null},{"fqdn":"upsw.usspawy.top","ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-03-06","domain_rank":0,"first_seen":"2024-03-11 17:52:42","last_seen":"2024-03-17 01:49:03","alert_count":70,"request_count":25,"received_data":577461,"sent_data":12997,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fly.linkcdn.to","ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":291375,"first_seen":"2021-04-08 17:01:37","last_seen":"2024-03-18 04:43:51","alert_count":0,"request_count":6,"received_data":38909,"sent_data":2679,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2024-03-18 01:41:39","alert_count":0,"request_count":1,"received_data":13414,"sent_data":548,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-17","alert":"United States Postal Service","trigger":"upsw.usspawy.top/pg?do=index","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-02.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-04.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/Areas/Admin/Content/LaxJquery.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-01.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/assets/d5af76d8-a90b-4527-b3a3-182207cc3250.woff","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/assets/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/loading.jpg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/share-common.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/favicon.ico","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/default.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/defaultWhite.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/index.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/logo_mobile.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-03.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-05.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/jquery.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-08.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-18","alert":"Other","trigger":"upsw.usspawy.top/pg?do=index","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-09.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-10.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/Information.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-06.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-07.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/logo_mobile.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}]},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.0.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0212568ce69457081dacf84e327fa5c","sha1":"d6702a1af0378b2342f6a0692e77c169f580aed7","sha256":"266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d","sha512":"9738a50be24577a615f3ebd044d46d53b0ceaafe526bd124e77957b7f93dd47653269cad1d2d4bea5d6630a47d2ba555a03b782e211769ae9706b624d588464d","ssdeep":"1536:u5hEyisTikEJqRdXXe2pP7lgoVMEXvdVhvLHSh4xzAdXtqTyZSusjvKx/w7Ug2xC:0QGvHhvLJzuXkTSc6//MTDU8Cu5","tlshash":"5f83d5d9b2c670529b7730b850bf450bb17a98dab44c8c60f1a8d5d57db8a8d807bf2c","size":86341,"data":"","first_seen":"2023-03-07T01:03:28Z","last_seen":"2026-06-09T20:08:36.961837Z","times_seen":12188,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upsw.usspawy.top/Areas/Admin/Content/LaxJquery.js","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"38ccdeb337088a1a149254fbf3fb881b","sha1":"a8a41eef433115c72a63fa6ea05de5480b5b5fce","sha256":"44444f03503156d8cf7403f7c1e7e485ee53c9a639b4931fbbf53311ad05df58","sha512":"84c867a79c418b4fb85198ed50c483e23f47877400934667dd161a20e0c1eda6f3f9f84ab21346fd5ea18178fb87508c3aa535e2ddfd5794c9537172502e389a","ssdeep":"1536:J5Ne6KU31JwFaIlVp5szyDexpAbMXhU2sIQ4ry+:Jve5U3vmj3p5vO2bt2v","tlshash":"1e53a8429282742483536bbdb19f68c4f77b48acc186094fd584b4a075a5e1eeffe8f4","size":63940,"data":"","first_seen":"2024-02-21T04:01:31Z","last_seen":"2024-08-20T09:16:54.298181Z","times_seen":1364,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upsw.usspawy.top/pg?do=index","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T02:14:21.808818Z","times_seen":16284503,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upsw.usspawy.top/index_files/jquery.js","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9771cc3e90e18f5336eedbd0fffb2cf","sha1":"6ee8aaa3ac1f4e0ae18717a3fd26892e9f0e4cc5","sha256":"3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24","sha512":"c503341fa3a7176fd10bd8cd7a5717c8faf971f87fa0c158f2d94fcd484ae3ed5031f49414dae833fb806b7365b5699c21d2e655376f69adb052b22f6f6982a7","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GK7:sHNwcv9VBQpLl88SMBQ47GK7","tlshash":"8083f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87532,"data":"","first_seen":"2023-10-13T22:05:06Z","last_seen":"2026-06-10T01:56:13.129776Z","times_seen":27658,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"28c738319a6e3eff545b5b4662a73d53","sha1":"433eeea7fb352219e7ab46c3164a0415633b5874","sha256":"5c6eb1923757857d9574d72c28032bf511753c4df714b59254fea63fa3cef90d","sha512":"06994215a59b62a2c552d5cc61ca0471358f4692be136c03df9027a24150972ba25663f765e5023976b7e0c3484134c9523df290b641834a80af98e533a435d1","ssdeep":"6:kevh5AhqWMnLzZxK1AmmJHIDK/MK20RxV:9vPA6zZxK2x/jtV","tlshash":"91c1a74ab0500a3c50676220038f10001a6f3c2d1c14a118f81cc1c26f5e32ec357e89","size":3029,"data":"","first_seen":"2024-01-18T02:28:13Z","last_seen":"2024-08-20T12:17:21.040348Z","times_seen":1863,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"0454be6fe107348f162e10e8507c53c1","sha1":"1fb96e5aa1e2e017f6a6f50569a0f426b2871bc0","sha256":"5be5107eeb285a4d01b725d4448edcf5b80203304cab94b77785aa004a74509f","sha512":"d9f51f18fbc6755063d0e20b1169865ac6760961a5e68404b312722bfe092f20e34db4e32c5ec6546538142b440c2eb2869886f2d159853ca012ac9be0e8cb20","ssdeep":"384:ELA0dJZCQaLA0dJZCQaLA0dJZCQrOydCGd2LchND2UE:90dJb0dJb0dJ/OWCGd8chtzE","tlshash":"107321ab9c021084923357b5ebe60b1cfb250193ae421da87bcc519e8fb1e5c51d2fde","size":77099,"data":"","first_seen":"2024-01-17T18:13:01Z","last_seen":"2024-08-20T12:21:00.490954Z","times_seen":1761,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.0.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.707Z","timestamp":1710740565707,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 11 Jul 2023 00:00:00 GMT","end":"Sun, 14 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D","sha256":"B1:CA:3A:23:BA:70:1D:18:3F:EC:99:D7:BE:6D:B2:FD:66:5F:5C:A7:7D:7F:C1:FC:16:D1:FD:89:4B:CC:15:34"}}},"request":{"raw":"GET /jquery-3.0.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15145\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Mon, 18 Mar 2024 05:42:45 GMT\r\nage: 15938366\r\nx-served-by: cache-lga13625-LGA, cache-hel1410027-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 8, 54298\r\nx-timer: S1710740566.757307,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 29995\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29995,"size_decoded":86341,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32034)","md5":"d0212568ce69457081dacf84e327fa5c","sha1":"d6702a1af0378b2342f6a0692e77c169f580aed7","sha256":"266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d","sha512":"9738a50be24577a615f3ebd044d46d53b0ceaafe526bd124e77957b7f93dd47653269cad1d2d4bea5d6630a47d2ba555a03b782e211769ae9706b624d588464d","ssdeep":"1536:u5hEyisTikEJqRdXXe2pP7lgoVMEXvdVhvLHSh4xzAdXtqTyZSusjvKx/w7Ug2xC:0QGvHhvLJzuXkTSc6//MTDU8Cu5","tlshash":"5f83d5d9b2c670529b7730b850bf450bb17a98dab44c8c60f1a8d5d57db8a8d807bf2c","first_seen":"2023-03-07T01:03:28Z","last_seen":"2026-06-09T20:08:36.961837Z","times_seen":12188,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":46,"dns":28,"connect":13,"send":0,"wait":13,"receive":5,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fast.fonts.net/t/1.css?apiType=css\u0026projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0","fqdn":"fast.fonts.net","domain":"fonts.net","tld":"net"},"ip":{"addr":"104.16.250.67","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:46.310Z","timestamp":1710740566310,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 05 May 2023 00:00:00 GMT","end":"Sat, 04 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"B9:2B:82:F1:50:51:EA:B4:39:81:75:2F:6E:8B:8B:94:55:81:C3:47","sha256":"64:21:16:B4:DA:EC:FF:10:77:3B:C0:A6:32:4D:C1:2D:D2:CF:4E:28:06:D9:BA:EB:88:C0:77:26:94:5D:7A:C9"}}},"request":{"raw":"GET /t/1.css?apiType=css\u0026projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0 HTTP/1.1\r\nHost: fast.fonts.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 0\r\nx-amz-id-2: ki65sQC1HlYAvAwzpIlg68BKJDoZiZ/BwbN/hDH5RUfm7vMSBZqfat1D29ePjiEs20YJy+049dY=\r\nx-amz-request-id: 4MWDSXH8MPCQQMJM\r\nlast-modified: Tue, 23 Mar 2021 12:59:23 GMT\r\netag: \"d41d8cd98f00b204e9800998ecf8427e\"\r\ncache-control: public, max-age=0, s-maxage=604800\r\nx-amz-meta-mtime: 1519217722\r\nx-amz-version-id: null\r\ncf-cache-status: HIT\r\nage: 347426\r\naccept-ranges: bytes\r\nset-cookie: __cf_bm=gWFyRIH2mpJTK9AdhweoAeLqo4yoY0AGQ1ryddsOKxI-1710740566-1.0.1.1-8R8YgKO7lCdwyxWtd2lmoVYLPqCy1lI4Kqw8xW91GkKWw_x1CbPb1IF0vsckifQgRjb7xfgWyZjgWU2u4om4sQ; path=/; expires=Mon, 18-Mar-24 06:12:46 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6bbbe3056a8-OSL\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T02:14:21.808818Z","times_seen":16284503,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":45,"dns":29,"connect":2,"send":0,"wait":16,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-02.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.714Z","timestamp":1710740565714,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/blue-spinner-processing-step-02.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"49be62a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=y9MxQfdLabVwuCI5tAYI3MwUBrYiubpQYwjQfFWQ9Mp905dDLZyjYBWaDWBsi2p8CKSM0Dc2VwP%2FCddjPxAmNJfsHtvCPqgxqpYct6OndjihNmHtXVKKHaLVIfZskDhxcTdj\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6b78b94569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":908,"size_decoded":843,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c9001e6ca9cc5bd1436106127d8ec7f9","sha1":"498b06dbb190a5099d90db7882f25083de2305ce","sha256":"20dacb9960e8ebc87b2e7886f5843dc633c865b3175a817520f3d0dbf1398d24","sha512":"914cd33c7dc9722ad72ea078cf8e943bb8138902f551f1fc1fca6a44ce6b428c3d84baf4705441a02f1d26e792252c6fd297626e051fe01733a2ade3ac65327a","ssdeep":"","tlshash":"1f0112ca450cdeaea52151d4337042c362e37987d3901960b6e33cb5bf2e8e08ee25ca","first_seen":"2023-06-16T22:12:56Z","last_seen":"2024-09-28T08:24:25.198622Z","times_seen":1453,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-02.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-04.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.720Z","timestamp":1710740565720,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/blue-spinner-processing-step-04.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"3a3363a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Q3EuQRIffltgzTHdSADVXfOfFOC%2BFBR%2FJYvEhSQnhQTVfMbiveHG8O%2FD0jEV9R6s34d7tYCY1ireE9grvKJ9SJwqeuasbDbMnSSajUgDEwdJBGK1AjvCwtb58h5lCwtpWBao\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6b79b98569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":908,"size_decoded":843,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"eeb6aab3ba02fbe07e6e3ec7ab07b1b9","sha1":"cf033b61b1aab1a313ea2ea5400a189fd9a20e0c","sha256":"fcf1211e2ddbc8ac0b4ed85884688a03b99ad6fbbeb344c613d7de4ba653eaf1","sha512":"0c4c9ca1a9eec15afcbac59772d0dbe8deaf7435237c57623a661e076a8942f1b92c79c33e3728c2dd5e3b24871cccd9365f92653c08ae63064f586989bcd7b9","ssdeep":"","tlshash":"f20112ca450cdeaea52151d4337042c362e37987d3901950b6e33cb5bf6f8e08ee25ca","first_seen":"2023-06-25T03:07:54Z","last_seen":"2024-09-28T08:24:25.199656Z","times_seen":1593,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":576,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-04.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/Areas/Admin/Content/LaxJquery.js","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.709Z","timestamp":1710740565709,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /Areas/Admin/Content/LaxJquery.js HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 16 Feb 2024 15:41:49 GMT\r\netag: W/\"805c87a7ee60da1:0\"\r\nvary: Accept-Encoding\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Zcr8%2BZ42XXuVxf9%2FezeWcZMKz4EWGjSdu1HsyVMOIUuYNhw9ITAu6Kdqkx2G%2BKHmNJA1w3xK4BFipyXluZpL5HwqY7vQyYvnCKXusmf%2BN1PJGsfS8X3Arh0W4rrohoeOdo6F\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6b78b8f569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27476,"size_decoded":63943,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (63908), with CRLF line terminators","md5":"1caacee962a4d19a45caabb560e55489","sha1":"a37035e08eecb6f59aa2b63552a9f02e33d1f3b3","sha256":"4fd147360cef7876d63ca74e6e1d4309fe1f6051fbecc121ceebc935b03e254c","sha512":"8abe9bfc6611803702d5757bb2550ebd8595697f1c0dfebdf22d745d501a7faf5051167961d0e940873017fd7eb57130e82ee4fa918d49afee99f6b8369d4514","ssdeep":"1536:S5Ne6KU31JwFaIlVp5szyDexpAbMXhU2sIQ4ry+:Sve5U3vmj3p5vO2bt2v","tlshash":"f453a8429282742483536bbdb19f68c4f77b48acc186094fd584b4a075a5e1eeffe8f4","first_seen":"2024-02-22T12:34:35Z","last_seen":"2024-08-20T09:10:10.633499Z","times_seen":417,"resource_available":false,"data":null}},"time_used":577,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":577,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/Areas/Admin/Content/LaxJquery.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-01.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.712Z","timestamp":1710740565712,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/blue-spinner-processing-step-01.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"744962a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=6uCeUN%2FWk1xy21b6PHwKXDJzyBftAcOUXFZL9H5Ovs0R6kpslx%2FyxNOyw80r3i17AV0%2BPan%2FFLTvOvc57IjTk4ETtuufOJAWY%2BzgSqbWNUDuHuiVRAqnGJwlbAPLmAXLj1zJ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6b78b92569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10127,"size_decoded":843,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"61d810304390ff8bcdbefb6dd4abd865","sha1":"d3d63114c6113d811b71c1c90998e09757576f33","sha256":"1e0f6a7d0a6a793cf750c2368c4e70386caffc8cf0861a0ed3188d2b1e9122a0","sha512":"07aa256b95de3d54a820d770586b3634ca8b692691118ae40f35044f58086abecab8efdb3a9c16d21094e0c06579a0a2b66d6ed82c11c0af3bfc2cbcb2ff3ef6","ssdeep":"","tlshash":"130112ca450cdeaee51151d4337142c362e37987d3901960b6e33cb5bf2e9e04ee25ca","first_seen":"2023-06-16T22:12:57Z","last_seen":"2024-10-04T10:47:13.802631Z","times_seen":1548,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":578,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-01.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/assets/d5af76d8-a90b-4527-b3a3-182207cc3250.woff","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:46.711Z","timestamp":1710740566711,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /assets/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/loding_files/index.css\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:47 GMT\r\ncontent-type: application/x-woff\r\ncontent-length: 58690\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: \"8a7d96a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=VcU6%2Bn36vpAcgo8lZ1wXyBX20ZTbprm0mNRadNcnKJ4P%2BuzpYCNeisOx8ykDtu%2BJa%2FU1an3Arrs33guMZHei%2BZ2VVM6%2Fo6PdasXot8Cd9NaFULF0ODmD%2B6EKh0RkcPE%2Bo8Xl\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6bdef69569c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":58690,"size_decoded":58690,"mime_type":"application/x-woff","magic":"Web Open Font Format, TrueType, length 58690, version 1.0","md5":"a6e2d3921c9ea0fd81897d9ae7a33ba4","sha1":"bc31969f2fb1926a15cd678b3e573c37a44e5421","sha256":"f2e2ef638dd9aac863f0f6027ceb784cd4c5a14a676bed909c8f2ac4b088d510","sha512":"3f8d647f4f157fe0a3d6bdcc4cb8330bb9a8559dd927c073e9c55c36a7f8847b57dcdab80a310b1a3adbd07a70febb478868e4d5b59eef1ec192a05269ef94c1","ssdeep":"1536:ZiIC2RdNz6MiM5bTOdkI7HhsTTVjh1nbAzjKf5pmnuU888888888888888Uv2:1N5POdkIThsTT9h903I5pmnX2","tlshash":"014301a5fd71994cff2aa4bd2ff4201763c2a9935006c2a705788f1fecf25f68259242","first_seen":"2023-04-06T20:38:04Z","last_seen":"2026-06-08T05:33:32.860512Z","times_seen":10999,"resource_available":false,"data":null}},"time_used":589,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":587,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/assets/d5af76d8-a90b-4527-b3a3-182207cc3250.woff","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/assets/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:46.715Z","timestamp":1710740566715,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /assets/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/loding_files/index.css\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:47 GMT\r\ncontent-type: application/x-woff\r\ncontent-length: 46657\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: \"67b288a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=oXCwVCNHuv550luiCyVAU1UoOVTBrFC5fQZ%2B3XFXMFL7gpLwD3XN5cQAc7WwzW1lEBqX2ILXXLrugiT7M8azjspePNgChroi6EnJuizZ4bY1nHsyw22AQMgCf3SlG6znvyWE\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6bdff70569c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":46657,"size_decoded":46657,"mime_type":"application/x-woff","magic":"Web Open Font Format, TrueType, length 46657, version 1.0","md5":"3beb1cf49dc702cd4de8618eeb344dd4","sha1":"080e1b4dc8b43ddb06961a3490857cdb936a8c2a","sha256":"ffd7af6177837790e2620c429dce0da6dc7d18bbdcf87a7ed2c033a03513e947","sha512":"008ee624857f9f7da939719b44e9146177471a9861bea10c1065c134a2af888c5d2e151e04ea0a8949738e2f0901eab33aa5746207f52e6399119e69f4744d63","ssdeep":"768:rLCl6g82cavjKflqsY7nrNNkc2tFgPZfVv79dfpaweqfbIT8N3JADxAOW3zITqjG:n3acyKflqVrNqltFgRtv5dxawrcTSADt","tlshash":"e723f1da66639fcb8f668fe0415902d1b7667c1d27074f84a5c3e8cccdaba81003dab4","first_seen":"2023-04-06T20:38:04Z","last_seen":"2026-06-08T05:33:32.851536Z","times_seen":10197,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":587,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/assets/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/index_files/loading.jpg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:49.491Z","timestamp":1710740569491,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /index_files/loading.jpg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81572\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: \"e16c9ca3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Ozh%2BHMZEUjs%2Bvzs1ImD1LeaevoyQoommWVqEOSZ54QxQ84Mgg6oGnMDPWlzbIoUnYnDTxIRkQjEnIUQvohVSxXoxFyZMNvPYA2ng6%2BWw3O25NOO3j%2ByUR8EvedmoXgtx2l3s\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6cf3a4e569c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":81572,"size_decoded":81572,"mime_type":"image/jpeg","magic":"GIF image data, version 89a, 630 x 637","md5":"9e0373c2b4410c49439dfd822c5fd16e","sha1":"427f86c03751b7e107fd282bbe32be18fc2e0898","sha256":"05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668","sha512":"01c9fe5db1bc9caf67cf011bbe8c49de92f91969a576732039443ebbdef56f601fe5c4b5153459e65c0b9ada0045061347b66d05105ced3a4cd04bb14c6a7fa6","ssdeep":"1536:XuCQRdUM8w28aV8qKc4AeSKhDxxdQ8jorRjF8SX8Bx8c:DSP878W8qKcnrKhFLO8U8/8c","tlshash":"b983d1ba7129cb33cd7aeebf0352c6b4d0cc60e63461e52eae4d1755cca0016e5e59b8","first_seen":"2023-04-08T19:56:48Z","last_seen":"2026-06-07T07:47:10.192283Z","times_seen":7834,"resource_available":false,"data":null}},"time_used":595,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/loading.jpg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/index","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:48.748Z","timestamp":1710740568748,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /index HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:49 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: private\r\nvary: Accept-Encoding\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=4%2FjaW9lFcxeSJWtkg9L6pU9%2FqV0EgQ1FBD5MMMIxPg24fD5r%2BaZH1tPZ1127CUyRtR6NmENktLBQ3WQQQYYHhY7mUv1wj9zPBsDkOFt1wUH7ao30D5azkWt1c6JiuXSdenDn\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6caaf4e569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13271,"size_decoded":77099,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"0454be6fe107348f162e10e8507c53c1","sha1":"1fb96e5aa1e2e017f6a6f50569a0f426b2871bc0","sha256":"5be5107eeb285a4d01b725d4448edcf5b80203304cab94b77785aa004a74509f","sha512":"d9f51f18fbc6755063d0e20b1169865ac6760961a5e68404b312722bfe092f20e34db4e32c5ec6546538142b440c2eb2869886f2d159853ca012ac9be0e8cb20","ssdeep":"384:ELA0dJZCQaLA0dJZCQaLA0dJZCQrOydCGd2LchND2UE:90dJb0dJb0dJ/OWCGd8chtzE","tlshash":"107321ab9c021084923357b5ebe60b1cfb250193ae421da87bcc519e8fb1e5c51d2fde","first_seen":"2024-01-17T18:13:01Z","last_seen":"2024-08-20T12:21:00.490954Z","times_seen":1761,"resource_available":true,"data":null}},"time_used":707,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":707,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"upsw.usspawy.top/index_files/share-common.css","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:49.477Z","timestamp":1710740569477,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /index_files/share-common.css HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"805560a3dc22da1:0\"\r\nvary: Accept-Encoding\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=BXKRPc%2FUGBJP8tfvHBKgt6R08EkvDLHAW2I%2BW0Wtb%2FeOlq1KPDfhp4zMQ0jngK%2BQDQdSK%2F%2FYcW%2FZhjC8cYFPIwnP47GVmHwODBRso7nB8i5oXJKNgl4hRU%2BKklJ7rxwLdiSt\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6cf3a44569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15765,"size_decoded":48354,"mime_type":"text/css","magic":"ASCII text, with very long lines (24473)","md5":"58a5b83f87c9cead14212a3d42f23df2","sha1":"97f552c24b11fb7c6c00d769faacbb28f0d492b5","sha256":"9e448238639792210d43bde27374200528b632a1b2b84ba343b360ec5a35aa8d","sha512":"7f130380e63b6ae426bc678ddeb4549b69089056d203d18a5ea2a9e951710043158b1775dd8087cb590a7456b1b1764c5bb782080262722a2ab44990cee5c7ad","ssdeep":"768:La6+3WOVqCVqVVqVVq8Vq8hl7Gu4x3v3+3I3Icnbj0/p7yAeaHCq7W+XiaWEGWv4:yVBVaVqVfVVTK+XOpWXGFF","tlshash":"032354e0c20d54c86727c8476785b306ee55b1398de90d2bf56fc49c0ff262663e6ba8","first_seen":"2023-04-14T12:11:03Z","last_seen":"2024-09-20T20:12:10.254217Z","times_seen":5770,"resource_available":false,"data":null}},"time_used":738,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":738,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/share-common.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fly.linkcdn.to/statics/links/icons-socials/spirit/32.png","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:50.225Z","timestamp":1710740570225,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Mar 2024 04:28:46 GMT","end":"Mon, 03 Jun 2024 04:28:45 GMT"},"fingerprint":{"sha1":"33:70:41:27:31:11:EB:7E:FF:59:3B:55:09:64:E9:28:47:AB:3D:7B","sha256":"4A:4E:7B:02:17:A1:D8:E5:71:46:2F:13:1D:90:F3:FF:E4:37:56:C2:94:13:71:DB:EB:EC:A2:3C:42:8C:75:F6"}}},"request":{"raw":"GET /statics/links/icons-socials/spirit/32.png HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 6743\r\nlast-modified: Thu, 10 Sep 2020 13:28:55 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: \"78fd36b0d6c14772a8b46b88817087b3\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: CBqFo4DB49N3C8E18qaCHg2L1wgbLJ5McpVi6rZmUWqLD3GiaZPTOw==\r\nage: 7139\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=FxFrbUH4UNajq0YsMzgQ%2Fep0h1Bao0uaBsD%2FuxXRRsfsULt1Vt0E6sfPLF39fwUsaBgwt7lEY%2Bnd2Ja7sw7UIddGktB960Tt4sCddgb8105VmS5Qyki%2FP6hzINwq124WZQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6d49f2d7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6743,"size_decoded":6743,"mime_type":"image/png","magic":"PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced","md5":"78fd36b0d6c14772a8b46b88817087b3","sha1":"b738599182b0eb67a9c91501f121a16cebef2d40","sha256":"e36eaeb05ac9e38a5e6ee0fea36ded8da7707532912f061ef6d445603fb5bfa9","sha512":"e8275b642d90b639f1a76f1d30d63a45e41823d262d5c41e339f2aa982a29cc55506e92e0ba789a4c7c2f06f0fa589df93e115ecca411b64210f3ff3d4d2d722","ssdeep":"96:tKMW6himyvAU/QxQ5dIYB4kwTWZ5K/GjyL0HmmLnOyMmZbnwTlbsYkyIJXnGk981:oMPiuC5j45yxjdPLn8m9wxbsF/GkkAw9","tlshash":"8ad19e4d76ce8219b3ce14302a42263df6568c5a31dba508823b627d371cdf52b5cbeb","first_seen":"2023-06-20T05:12:56Z","last_seen":"2026-01-09T10:39:51.902656Z","times_seen":5882,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":107,"dns":60,"connect":4,"send":0,"wait":15,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fly.linkcdn.to/statics/links/icons-socials/spirit/1.png","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:50.220Z","timestamp":1710740570220,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Mar 2024 04:28:46 GMT","end":"Mon, 03 Jun 2024 04:28:45 GMT"},"fingerprint":{"sha1":"33:70:41:27:31:11:EB:7E:FF:59:3B:55:09:64:E9:28:47:AB:3D:7B","sha256":"4A:4E:7B:02:17:A1:D8:E5:71:46:2F:13:1D:90:F3:FF:E4:37:56:C2:94:13:71:DB:EB:EC:A2:3C:42:8C:75:F6"}}},"request":{"raw":"GET /statics/links/icons-socials/spirit/1.png HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 4949\r\nlast-modified: Thu, 10 Sep 2020 13:28:40 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: \"8139cee41cfe4201b9021936e39de717\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: sVR78wlbUQbtdEhevgt1a2nvqmyQCv_cA4SdtwScM4TcqfBOc3Y1Ag==\r\nage: 7139\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=GhhBAGamd619%2BtCZDsqI6VIi3pG0F0GPr4HQ8N%2B68%2FGz9CUReNXIOQjNFwCKIaYXxBO4PMT0TV5kHi%2FwQUxpSxyi5X4oYCjmi%2ByNhaE84Muwawv3ilmnNNAFG16M17T%2BMg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6d49f307127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4949,"size_decoded":4949,"mime_type":"image/png","magic":"PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced","md5":"8139cee41cfe4201b9021936e39de717","sha1":"854f63367081a91a9ac08d16684d6d4f0fbf8075","sha256":"fc8abacb97d2e71cafbfdd4705d6f914e189d7825edff03d7a95acaca7f98ef1","sha512":"639a283fe5cf4025b8626c633a5f5d6cbe07693a570b7700f225bb969ec91563633a57831db9e218d57c2fbfe561a8ecf39a57ae9bad58911a0d0e19b31442dc","ssdeep":"96:dLhwT63ccX0Uu3IdaBem8OuacfLwbf0bS1OI4EWug3IKK2SVtYF0rVH1js:BhwTr13IYBAOuRUbfOb3IKyiQ3w","tlshash":"f2a17dc91e5d9fbfe18f84109d625b83d2b55c400168b1ed9a5bd2661cdf94c3dd820f","first_seen":"2023-10-27T04:33:42Z","last_seen":"2026-01-09T10:39:51.905788Z","times_seen":5727,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":114,"dns":66,"connect":1,"send":0,"wait":14,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upsw.usspawy.top/favicon.ico","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:47.077Z","timestamp":1710740567077,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:47 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Thu, 30 Nov 2023 12:13:25 GMT\r\netag: W/\"8d495b9e8623da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=DKGIvw%2B%2FsT9xdjdau6hZp1i9GYjZXV5l3UZYUVGldcEJd69THLKspL5vYEGTTrC7uaFUPSEtSDz5mtL4wANXG3aFfJfhK6j4ZbeOpk2kwxi9YKPKF5dwTVO%2F89VHSMMlLPGi\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6c038c7569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6372,"size_decoded":32038,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"3f0f72ed57a54b97cda500bcf0545efb","sha1":"2f252619c18e729d98e16b96d37cd7cd567b38eb","sha256":"67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943","sha512":"ea68c54a3ca39a47555a41ae5fc3723f1e7c06b3ad1776ee7082ffbff48277d2b4ee7ca1753165c2dccdf7012eb0cbe29cdbde21dc05373a07cf18e23de37e54","ssdeep":"192:cfRys3/ZtSs9axogZeLpoCaAVbZ5iDJ6j5+qDxZ7cnPgW5LnM:cr68dcgWJn","tlshash":"6de2207b2193e200e49136f0adeaa4f059556f9a54708f19b0ba3d7de37a82bfc1d04d","first_seen":"2023-04-05T10:33:55Z","last_seen":"2026-06-09T07:02:55.483102Z","times_seen":28797,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":590,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/favicon.ico","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/index_files/default.css","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:49.479Z","timestamp":1710740569479,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /index_files/default.css HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"805560a3dc22da1:0\"\r\nvary: Accept-Encoding\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=5DhqHRI9KNs64lgwhSez3aCwXFi7w%2FytrH0mygyzBAeOB3kVqG5mjhKHzAQmkpXKSdLZo5KNc2oNrNpeNY%2Fs52Te54yWdamtQo23VntifYlAhFC34j2gFqDPKj6p%2F0cK9D%2Fd\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6cf3a47569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17399,"size_decoded":95676,"mime_type":"text/css","magic":"ASCII text","md5":"d27e915c4c1bf557699170e2a5f24368","sha1":"d5a1c5b5cd7cb3446fe74ee27040e85dcafcd1b0","sha256":"5fe6b42ae13a161663373634245e6e2119bccf7f1da46bddc378098447db5226","sha512":"6ab752ee64dc48fc62d93e3eddad22b636eebf9e713cdf24d145b8964ab69a9583cd42f952a583fccbfaafee681fce91211ede8c0d5f060cc897679c19d84b59","ssdeep":"1536:y5xrSoVJL34r+Y0O9MaFtMXxvU/qcBNs3RNTuVD0m1UyUjeFTu4r+YQ4O9Ma5udG:yvSoVJLrIogZwL98O","tlshash":"a19375b54e731988b51b8564abef0b95333890934007ccf9bbcd364d4f85aec65d2b8a","first_seen":"2023-10-01T16:25:31Z","last_seen":"2024-08-21T05:24:07.975564Z","times_seen":4236,"resource_available":false,"data":null}},"time_used":713,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":713,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/default.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/index_files/defaultWhite.css","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:49.481Z","timestamp":1710740569481,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /index_files/defaultWhite.css HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"805560a3dc22da1:0\"\r\nvary: Accept-Encoding\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=9xjYzBRfsCLCrQktlSF%2F%2FBdeYJfhbeeqncX1Cf%2BWE2R440vSknm3iJbjzz8iR2vNdOFlNyF%2F8JZpXLqO9uR5vHPgA7MUOFFeKZv3qvVukt2c8%2BIX8J8LMl8mVedEkLQJYMdz\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6cf3a48569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13423,"size_decoded":3892,"mime_type":"text/css","magic":"ASCII text","md5":"73eb4a51ec73debe4e9512f9d76b4289","sha1":"4919c1c33c1ca19a1a1ac19c511803ea51737565","sha256":"44845579f305286f8684821c30a52f815f10a351d00baad5c92c8502426474fa","sha512":"7f616d7f9631b912bf02eca0f37b0ba6789c43fe36d19c04a75aead5037e1c67e7996064d198471985a79a627c77acf335643e2a7bc21046a29d2f70040336f6","ssdeep":"","tlshash":"0181c860d4760df661035958b7eef6dab6583193c6040e3bf79663202f8faa808613ca","first_seen":"2023-10-13T15:20:30Z","last_seen":"2024-08-21T04:51:34.072322Z","times_seen":615,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/defaultWhite.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/index.css","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.711Z","timestamp":1710740565711,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/index.css HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"805560a3dc22da1:0\"\r\nvary: Accept-Encoding\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=86%2FcXPGjNFU6eVoFNRArqvTiel85oOyH%2BHQS4zop%2BdlNbKN51ZvXOV1pwIyUSXP5grN%2F%2FRWdla1OLSb873z1dOxCVUOP6vL1OXz4N%2BMS7D3ykCTeo%2BTvQ9bCVs0WoxX59800\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6b78b91569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":59739,"size_decoded":310286,"mime_type":"text/css","magic":"ASCII text, with very long lines (65275)","md5":"3b8fd6f9a4f47abcd5587844dd3aea48","sha1":"9dfecc12393c9c87c76059a8506f8e073e07cf3d","sha256":"5a0d71ead8b996efb89a6ec99e93d2a79ed647b890838bbaf890dc238ab87303","sha512":"5283972cbaefc9a8a184509e367b00f78e8918e7a0d294965e1ff7596ebfa4b3ff340ef2bd146009e2d76c80308deef50b5aa7457d6dd25ba1e37614766c2a79","ssdeep":"6144:/X1JSwRhgtafrebU4ROuW500krD2RQYL7GfSGfM:/XjpRQYL7gSgM","tlshash":"3964f960e360309e3133c46ab1c1fad63a259147d56a0ffaf16b75a88b895d70373f1a","first_seen":"2023-08-12T18:27:04Z","last_seen":"2024-08-29T17:21:18.533316Z","times_seen":3736,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":571,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/index.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/logo_mobile.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:49.496Z","timestamp":1710740569496,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /logo_mobile.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 30 Nov 2023 12:13:23 GMT\r\netag: W/\"215fae9d8623da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=V7ZgylBDIIzc2TMlkGu4pcKsydnrSDSbAo6W2vRtt4iYcGXQVMEPVecwVMPyvXEoNPLur7jDBIQhy5LFutwnHf2%2FhbJ5pjRYmj67z%2B7RSfbHa6L8leoNLq4icHdZq1CDDRxE\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6cf5a5f569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6503,"size_decoded":2060,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f8ad388b3e39b860c97de0029ae98a21","sha1":"9b032ef4ef4100dda1ba44be4836e6956b11387c","sha256":"9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2","sha512":"046772635e6ea587aaa4b4def7db1dcdd02219633e57763fcabeca6c999442981d5311434fb82f97afc63b0869e2086958ab139ea8e1a5c7bf115fee4c1d1900","ssdeep":"","tlshash":"a741ec0b530cdbae665551a6d97800c9616afda7e470e0c0b3bf1837e18d4e4a6dc6a8","first_seen":"2023-04-08T20:42:42Z","last_seen":"2026-06-08T12:26:53.456693Z","times_seen":8390,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/logo_mobile.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fly.linkcdn.to/statics/links/icons-socials/spirit/6.png","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:50.224Z","timestamp":1710740570224,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Mar 2024 04:28:46 GMT","end":"Mon, 03 Jun 2024 04:28:45 GMT"},"fingerprint":{"sha1":"33:70:41:27:31:11:EB:7E:FF:59:3B:55:09:64:E9:28:47:AB:3D:7B","sha256":"4A:4E:7B:02:17:A1:D8:E5:71:46:2F:13:1D:90:F3:FF:E4:37:56:C2:94:13:71:DB:EB:EC:A2:3C:42:8C:75:F6"}}},"request":{"raw":"GET /statics/links/icons-socials/spirit/6.png HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 8759\r\nlast-modified: Thu, 10 Sep 2020 13:28:42 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: \"cd115f6d3642f90c79b0af1ae9a93c2f\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: MvezV4nlrMg9NFfE0pGywQYzlMKH0tfKc-8ffEPkI1wM7yIfxAJvfA==\r\nage: 7139\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=gElrTAcJOpFmF7W2ayuBqNY5drKlA8CWA70IQ8VAePE0lLRqYQhesM1eTdaDnygMwyEIhLjMKzR3Lhj0Qggp8km6rXkP4EZF8634tOmbyCjHoc5KaqqbJPtoO8VSGEcuxQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6d49f2f7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8759,"size_decoded":8759,"mime_type":"image/png","magic":"PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced","md5":"cd115f6d3642f90c79b0af1ae9a93c2f","sha1":"d65536edb8c54d18b476936f0b24ed0e73f4f930","sha256":"b106acf20bd4b5ff01ddb53be3c6f3173682ea42b893f31a1400e09de0be9e49","sha512":"4f533b21486034a79e571696f412723fd1853b63511bba4cf47fc0019d62ffeab5ce72200ae474cc760ce92c15cdb937ca47405ef15d648d4e0829d8265c4938","ssdeep":"192:EpnPh9wuIAG3EC27/In6oUxEbduDhtUz8HQAaWqjqqJByAbSIC+8Qf8SKg:0Ph9wuIAG3EC27Q6oUG4/UA7q+ycPfP6","tlshash":"3802ae82e946c6db5e8462833dd92333e222fba723e3573495085d124ec61d6f8f7987","first_seen":"2023-06-20T05:12:56Z","last_seen":"2026-01-09T10:39:51.906377Z","times_seen":5861,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":109,"dns":62,"connect":4,"send":0,"wait":13,"receive":1,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/mavenpro/v25/7Auup_AqnyWWAxW2Wk3swUz56MS91Eww8Rf21nejpBh8CvRBOA.woff","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:50.249Z","timestamp":1710740570249,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 19 Feb 2024 08:18:37 GMT","end":"Mon, 13 May 2024 08:18:36 GMT"},"fingerprint":{"sha1":"4B:01:90:58:08:51:40:F4:08:F1:16:D3:92:26:EE:6C:CD:EA:5A:C3","sha256":"6A:4F:BB:4C:2B:92:2D:78:78:6D:6A:50:DC:70:F2:EC:C8:58:8B:59:52:D4:BE:F2:E0:D8:E9:E4:9E:F1:A7:35"}}},"request":{"raw":"GET /s/mavenpro/v25/7Auup_AqnyWWAxW2Wk3swUz56MS91Eww8Rf21nejpBh8CvRBOA.woff HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://upsw.usspawy.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 12580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 14 Mar 2024 14:14:46 GMT\r\nexpires: Fri, 14 Mar 2025 14:14:46 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 03 Nov 2021 17:05:24 GMT\r\ncontent-type: font/woff\r\nage: 314884\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12580,"size_decoded":12580,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 12580, version 1.1","md5":"c329e5a724e3c186353c4af3a0f791ed","sha1":"064959ddf1f461974203b7cc61cb168c10a78287","sha256":"fc9e259669117b3e2c814392798e23871961db27b54ef88731aae886f5c4f58d","sha512":"d6f3c2af83535c92d46f73791535b9c6a15153a1ac379f36a113adbddd92b48004da009091185996c7d6ce9ab0bdca67542afb5b09255b792abb98cbf0098fa0","ssdeep":"384:6cR5BW44kLRH1O4NEHX/gX9mvrcK/70JE:HWhktVO4NGMK/70q","tlshash":"9742cf697b2323cfc76bd57680c2539727b3c49282a4a2989e79409839856cc9f6bc50","first_seen":"2023-05-08T17:47:48Z","last_seen":"2026-01-09T10:39:51.903267Z","times_seen":5927,"resource_available":false,"data":null}},"time_used":370,"timings":{"blocked":178,"dns":3,"connect":9,"send":0,"wait":12,"receive":1,"ssl":164},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fly.linkcdn.to/images/favicon.ico","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:50.467Z","timestamp":1710740570467,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Mar 2024 04:28:46 GMT","end":"Mon, 03 Jun 2024 04:28:45 GMT"},"fingerprint":{"sha1":"33:70:41:27:31:11:EB:7E:FF:59:3B:55:09:64:E9:28:47:AB:3D:7B","sha256":"4A:4E:7B:02:17:A1:D8:E5:71:46:2F:13:1D:90:F3:FF:E4:37:56:C2:94:13:71:DB:EB:EC:A2:3C:42:8C:75:F6"}}},"request":{"raw":"GET /images/favicon.ico HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Mon, 15 Mar 2021 07:50:44 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: W/\"a4cedb09a224bfc2bb7d5c6c90d2c8fc\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: pomg-POeF7pvghgfNUhN2tIfIGrsv3EFF2iKlg2BFyzKIVrql9Wh3w==\r\nage: 7138\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=VYI9lNiT7qrQmtmqf9liEHJSm%2FPPADP6xSW3zcLuElW4VeBIRWwtEy0CcJmfCwHIxNMZjFxlnaY9t%2Bz%2F1JkvHqRiQZlE26BpCJoOn%2F%2FD62vPnVRl8cjsVK47ou0CXhZnVA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6d56c7056c7-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T02:14:21.808818Z","times_seen":16284503,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-03.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.717Z","timestamp":1710740565717,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/blue-spinner-processing-step-03.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"53e562a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=yz0cc9maFfrjfPoL3sUobFZ1DUH%2FGuGj7i9TPJ49y%2FNhDvlYTR8BIkBAd9y9mOUHcAVA77lWTBlMQSla9suBXzd4rsm0H8OztFFsf9%2BVmKb1a%2B2Ny3zt7DXixWUw7wSzRWlX\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6b79b97569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":888,"size_decoded":888,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0555a4029ac23b798a91b205430abbc4","sha1":"7c8b8a46a3c78b43db86c18162a7be265d9b8eb1","sha256":"b076344043e8d78616c4e12841bf4bf12609429ea88354bd24101502884f2706","sha512":"0c864010ae042d3ba85eef0445e70f38751a500e79abc5e6ae33bbd7be8eb6f9fbf94aa8d1888029fea244cc1e3fce292a8682709a7e8b321375bbb55faac260","ssdeep":"","tlshash":"1a11e1c98f95e4666a0492eb33b001933137bc85f1f55b00d6a2743bba1d844cae7cd4","first_seen":"2023-06-11T20:55:57Z","last_seen":"2024-08-21T08:57:52.916006Z","times_seen":2240,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":576,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-03.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-05.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.723Z","timestamp":1710740565723,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/blue-spinner-processing-step-05.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"1f5a63a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ZfeisE%2BUrRsKLND6t56os834ceG2HOzIZjgXleYc0VMSiPj4qazJgjCgxeJzu66%2BohYpCiCmRCI%2BO30KSGaA5rykR8ByWJYs9QPf9Ovh5msudQyaJggN5tOK26ooKkSKvfCQ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6b79b99569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":843,"size_decoded":843,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f522a3b48b414883e3b7db198f3bd00c","sha1":"917f240bb68191bc716b01c74c5d459be0537ae3","sha256":"02e7684bda1f90f191d82f60e8a98ea236ac3205749dcd1a5cf82a959f968e7d","sha512":"3fb21061639cf5303049565a40bddce95b514c3437adec3d992ff9c1dc334776ceb5a43204c7ac0cdf25810b8236d7609218e04b2279ca18a719dfc5ae7f6de3","ssdeep":"","tlshash":"501127c54e95e4562a0953db33f001a22537bc85e4f61b00daf17477b629844c7f3ce4","first_seen":"2023-06-11T20:55:57Z","last_seen":"2024-08-21T08:57:52.921391Z","times_seen":2272,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":576,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-05.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/index_files/jquery.js","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:49.493Z","timestamp":1710740569493,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /index_files/jquery.js HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"805560a3dc22da1:0\"\r\nvary: Accept-Encoding\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=qhVUTk1o8tG3BQNrBEe7zAZ6MmHlxGOIKKc2pFHaEBxwHiJRdWwxjnS2pwjMCNz7CzJTgLAogtGviIpuk7drTvTJCMm8ODNHnaMzs%2B367GlWfccUVIu8iKhAS%2BB0eSSiIb77\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6cf4a55569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87532,"size_decoded":87532,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"c9771cc3e90e18f5336eedbd0fffb2cf","sha1":"6ee8aaa3ac1f4e0ae18717a3fd26892e9f0e4cc5","sha256":"3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24","sha512":"c503341fa3a7176fd10bd8cd7a5717c8faf971f87fa0c158f2d94fcd484ae3ed5031f49414dae833fb806b7365b5699c21d2e655376f69adb052b22f6f6982a7","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GK7:sHNwcv9VBQpLl88SMBQ47GK7","tlshash":"8083f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-10-13T22:05:06Z","last_seen":"2026-06-10T01:56:13.129776Z","times_seen":27658,"resource_available":true,"data":null}},"time_used":845,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":845,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/jquery.js","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fly.linkcdn.to/statics/links/icons-socials/spirit/3.png","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:50.221Z","timestamp":1710740570221,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Mar 2024 04:28:46 GMT","end":"Mon, 03 Jun 2024 04:28:45 GMT"},"fingerprint":{"sha1":"33:70:41:27:31:11:EB:7E:FF:59:3B:55:09:64:E9:28:47:AB:3D:7B","sha256":"4A:4E:7B:02:17:A1:D8:E5:71:46:2F:13:1D:90:F3:FF:E4:37:56:C2:94:13:71:DB:EB:EC:A2:3C:42:8C:75:F6"}}},"request":{"raw":"GET /statics/links/icons-socials/spirit/3.png HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 7538\r\nlast-modified: Thu, 10 Sep 2020 13:28:40 GMT\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\netag: \"229b5dca08997b920118bf7231011cf2\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: iuC6Fg1steT8Wz3R4wxqXxiYpRYnf3HzggDSZ4_1t0cD2UAK8QK1xg==\r\nage: 7138\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=tINuBraF1x1QBXYM5Y41pNI67WDXKRHXjt7hcKkapb%2FioO9RwP6alYc9KnTAP9%2FDjY5wJBl2RXbejLvHQZuzxSUooUHDg5o19mvxIQt98onHx%2FCwXCeFQmfAXJxZhXMe6w%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6d48f2a7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7538,"size_decoded":7538,"mime_type":"image/png","magic":"PNG image data, 304 x 60, 8-bit/color RGBA, non-interlaced","md5":"229b5dca08997b920118bf7231011cf2","sha1":"69c32741e08b5010b65359c627e9d97ddebffb89","sha256":"aa2a82bbec6afb10324988b2003e61d47a09708b25ac0e2ce3b64950aa2b7a35","sha512":"faeed17cb29aea239f0dd0f154dc3edc8c52eb6a93cb52fec6d2eb2f4839b276c1d08904f2926deedc9e120823ad671c1eda0e27504176e4b3563ff39d7ba1c2","ssdeep":"192:o5n1sSxLeaQsQSI61Hfj1b7Bj8oEOelGN:o5haahdjRFQO7","tlshash":"5ff180cd96dea9f058a3fab17444cda37d205128ca67937cc18e68772d9e149068471f","first_seen":"2023-10-25T02:31:56Z","last_seen":"2026-01-09T10:39:51.901953Z","times_seen":5758,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":108,"dns":64,"connect":1,"send":0,"wait":13,"receive":1,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-08.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.729Z","timestamp":1710740565729,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/blue-spinner-processing-step-08.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:45 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"f61c64a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=3xgH%2BHjGZHHzZnQaiR3lCGgw3eluec%2BGDv8g9U5AIhQQyq5%2B3PtqE4T%2Bg2euV6ceEi4ZNtFweGJcDphZY7vzJWyDf36cvaWJ0bbw%2FKXCQnGmrkGf%2Fgzq43xxA3xy64HpsKYN\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6b79ba1569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":843,"size_decoded":843,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a03b45de0c6979251ef4e887df547705","sha1":"e3bf574cf824b82d63fba45881e9b79643606ecb","sha256":"0a41d8ed27c6bd7a7121900e6e4605670500428f90ff2658474abcbb0ec9bb9c","sha512":"79724bb2dd1910bc3d06a15b6e21795c7120480088ba6158e4ee64bb0b6943c12b8246ade45d5ae9a338dcb9a840249c9b8681983f88bc94c6b7955141e53728","ssdeep":"","tlshash":"ea1104c54e95e4562a0953db33f001a22537bc85e4f65b00daf17477b619844c6e3ce4","first_seen":"2023-06-11T20:55:57Z","last_seen":"2024-08-21T08:57:52.916827Z","times_seen":2273,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-08.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/pg?do=index","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-03-18T05:42:44.881Z","timestamp":1710740564881,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /pg?do=index HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:45 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: private\r\nvary: Accept-Encoding\r\nset-cookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse; path=/; HttpOnly\r\nx-aspnetmvc-version: 5.2\r\nx-aspnet-version: 4.0.30319\r\nx-powered-by: ASP.NET\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=0Ox5PIrQylUYQKlRDSDdHzZ6Pp%2F%2BhFWPIIeVKRDGH6K5i12J6T0R8MnmrerkRLW1FAaQNFJCIsSuU40L2EvBr8%2B8gdV8txNVPUc23hc%2FWCGkwHGuEvUdyOte2oobEcdSOdOq\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6b2ac6756b7-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6051,"size_decoded":6051,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6470), with no line terminators","md5":"2f04e982cbdaf5873fdf9f590c6ac5d4","sha1":"6da053a8764d59501a4b71d9de9d2e1b7cf1a182","sha256":"84a31331b101f6558444d576c7886d3a35efdd09cb70bee1b1e79c5c01425c88","sha512":"8b862e8f8d8dcd0c4b1b3ff2fd1612fd41cc9455dfb7210687cadc15c6c08c06cb926941999d75ae1da6aded2aff015fe0df0d6d6b8df34a8e1d4dc056d05007","ssdeep":"48:aOnVwv2IH7LHEtnVwvn50POSzWYkAZg2HS+mCeSA2j3f+VO5swvAEEq:U7LEt2hE3H4A2VyvAEf","tlshash":"36d19a065895cb391313a1f2587cb92b6fa5f3d45d1581017eec814a07e7dacac7b36c","first_seen":"2024-01-20T18:36:11Z","last_seen":"2024-08-20T11:41:56.908024Z","times_seen":1637,"resource_available":false,"data":null}},"time_used":653,"timings":{"blocked":27,"dns":17,"connect":1,"send":0,"wait":594,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-17","alert":"United States Postal Service","trigger":"upsw.usspawy.top/pg?do=index","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-18","alert":"Other","trigger":"upsw.usspawy.top/pg?do=index","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fly.linkcdn.to/images/verified_sprite.png","fqdn":"fly.linkcdn.to","domain":"linkcdn.to","tld":"to"},"ip":{"addr":"104.21.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:50.213Z","timestamp":1710740570213,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkcdn.to","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Mar 2024 04:28:46 GMT","end":"Mon, 03 Jun 2024 04:28:45 GMT"},"fingerprint":{"sha1":"33:70:41:27:31:11:EB:7E:FF:59:3B:55:09:64:E9:28:47:AB:3D:7B","sha256":"4A:4E:7B:02:17:A1:D8:E5:71:46:2F:13:1D:90:F3:FF:E4:37:56:C2:94:13:71:DB:EB:EC:A2:3C:42:8C:75:F6"}}},"request":{"raw":"GET /images/verified_sprite.png HTTP/1.1\r\nHost: fly.linkcdn.to\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 3460\r\nlast-modified: Tue, 19 Sep 2023 08:47:05 GMT\r\netag: \"8302f6a83bd1aec82c83d2830f210470\"\r\nx-amz-server-side-encryption: AES256\r\nstrict-transport-security: max-age= 63072000; includeSubdomains; preload\r\ncontent-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: same-origin\r\naccess-control-allow-origin: *\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: vPW2u8uvSXOtQEfQOGtRjcQVErEyToz592zHG6fQQGnQjD1GZKeWrg==\r\nage: 521\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=x%2BFA1bpk94HPuydLNlDKZSGkCZ0UquzCQBgnxO9Kv%2FxPKYk5RT1q5yOmyCs%2BPmnfWM7gJGHIOpZd%2BnqrTQjAkok6zuWSGvddPrcaRz1QPqcxmqaHg0F%2BC%2Bv9s8WqD3TuRA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6d4af3b7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3460,"size_decoded":3460,"mime_type":"image/png","magic":"PNG image data, 284 x 72, 8-bit colormap, non-interlaced","md5":"8302f6a83bd1aec82c83d2830f210470","sha1":"4399125de0cb0d08ca50698a07756105ce10347a","sha256":"4d11f37fae309c522c4c45d9f75cb48f0651a09a9d278cddbd19a1a8e31aa9a3","sha512":"bad9bd32d2449b003386b1e2077639b2b8875c6643e8ca24381eeb5f0dc49d80b572a3fc7a1a81e960ea5584ae4a7ff38f516e778571a93d0c71490abeb574d0","ssdeep":"","tlshash":"ed614c5b754a66368e5ce22c196270d37c11bd6b047830993655b13d4e32108e37f5ba","first_seen":"2023-09-22T02:47:41Z","last_seen":"2025-09-25T14:17:24.319897Z","times_seen":5798,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":130,"dns":69,"connect":6,"send":0,"wait":13,"receive":6,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-09.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.730Z","timestamp":1710740565730,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/blue-spinner-processing-step-09.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"ea6a64a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=yKWu%2B400FPtMQns%2BtmN4JO7504dNTN%2F2icQSiIDF3oeKI%2BSkRTi8oeWezwhT3ufMvl5dML3ePJ8ElBx6nbNR%2FYJXhLNuX42KPNPtqxVC4T1s04V%2BcS3hW0ezjxMWp2fJgUvz\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6b79ba3569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":843,"size_decoded":843,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"417839b09a8d3084728dc507b1680fea","sha1":"d400fa0cd60f85d4bbe17029f970b3238669f9f7","sha256":"cee9e28b791084c5f3890d0d7878cb7363557088798f18e5d2e5bf1959660cb7","sha512":"a39f1fc343e0b7333c05dde382358b553c5c2ddc9e981a1f40cd42e22795803de19ea9902b094356999d3d5864e59c0c39e16d1929d73aef8ad0ce9bc65a1cbd","ssdeep":"","tlshash":"b81104c54f95e4561a0543db33f001a22537bc85e4f65b10daf17477b619844c6e3ce4","first_seen":"2023-06-11T20:55:57Z","last_seen":"2024-08-21T08:57:52.917476Z","times_seen":2253,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-09.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-10.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.732Z","timestamp":1710740565732,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/blue-spinner-processing-step-10.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"d6b864a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=64bzJQwBaI%2B1PKo%2BE5DvS8kn3%2FFYpnTzxiUfCoanFcLm0XbRDe9VW2dR5zfk4gwgeggM3XDH81aUUMRdvwVPrI0Ku77rIUs6dKNOQ0DnVXSi%2BmrED3Z0kQ1YuVKbE0bFWLe6\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6b79ba4569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":843,"size_decoded":843,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"12c33aa5635a5b67467879cbc4a827bc","sha1":"68f7d99e29977ba3f02b3abc20d71d286ea3c2ac","sha256":"8ade823e71fe766a87bdd9955c10127197aed2912cc98126e069bff98deec08f","sha512":"2a15e430276a30548aaef61b0c5ee7f2d1fc35cd4abbe6a8f77b76768e042a2b309c0a68b9a509c15d56cede2fcccb18c33c6ccb155c907aead9e93186f708c4","ssdeep":"","tlshash":"1c11dcca4f95e4661a0582db33b001a22537bc86e4f65b10eaf1747bb619848c6e3ce8","first_seen":"2023-06-11T20:55:57Z","last_seen":"2024-08-21T08:57:52.922243Z","times_seen":2237,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-10.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/Information.css","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.701Z","timestamp":1710740565701,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/Information.css HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"805560a3dc22da1:0\"\r\nvary: Accept-Encoding\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=M8rQsl4GI9mxu4pHK2jdbr%2BZvESXUy1uC9qtAJmu4%2BpmayoOkKCKD6Jkyf4RKR5NlzgTksdFIaW3nw%2FmsGKxjXKa67Nf8ottIjKK%2BjY45GhW7VPQJupZHuRF3bPZ4%2BjLdqJ9\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8662e6b78b8a569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":99712,"size_decoded":99712,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8e3ed9106163dbc1484bbddc651d505a","sha1":"e8503df37c2a844076a9b43f4eb443cb5cefd853","sha256":"8009effdd85ae4640ab0c8458c356b009b9f118d024dc9baf151c3c20efae958","sha512":"7f8b3d310736d7a52ae7a82ff35a4d342a43281e6695a7614590bd56fd22f72499d4a88c6a69c00f7adc57d29179315d32e0b1acbcb7c8cecc97461318dbd7e5","ssdeep":"1536:1wRhgtafrebU4ROuW500krD1LKwzgDhmVPGpk2yw:1wRhgtafrebU4ROuW500krD1Lg","tlshash":"1ba3bc89ff66113cb616081df489f9fe2e3a4b97695a3bf6f4909015cfc5060322ba47","first_seen":"2023-10-29T18:09:44Z","last_seen":"2024-08-20T21:54:45.994533Z","times_seen":2349,"resource_available":false,"data":null}},"time_used":843,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":843,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/Information.css","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-06.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.725Z","timestamp":1710740565725,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/blue-spinner-processing-step-06.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"20a863a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=3DnvlsCpifNdDL5GmnZFTGdXtCsnYDLRAaEebcm7Psgbon0JE97O5mt4frYzuQ1Jox84Git5ACrAfgtTVm23e%2FUA9tnfKp22LYeY6u%2BODdC096fCGaP2IZLLU7hbpysi%2FolT\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6b79b9c569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":843,"size_decoded":843,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bfbbd52343371cd43b75bfe2f9861e15","sha1":"e0288e43de5a8ba36675a07fa046dbf4a2326cfa","sha256":"f9324fa484a50e8472ff5b9fc6f0bdbd2ec84b8a13e58451ad3e3498620d3a19","sha512":"19c24cbea31d9130219fa0cbbb464b378445c5cf78d7e600451f3cda4c321e72dd23860ed779bbeaf439772e9ac72ce2ac39ed768295741b8e5a44c4e3d523f7","ssdeep":"","tlshash":"171127c54e95e456261953db33f001a22537bc85e4f61b00daf17477b629844c7f3ce4","first_seen":"2023-06-11T20:55:57Z","last_seen":"2024-08-21T08:57:52.930199Z","times_seen":2298,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-06.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-07.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:45.728Z","timestamp":1710740565728,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /loding_files/blue-spinner-processing-step-07.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:46 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"7f663a3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=7wDbU0pgfQu6uPEqJha%2BAtd3V8GtkMI66Zwbj3ZfD1ULQrXu0Skrd36aTJWqP458OoWaQgM9p%2FYPw2Js4hDWXEwcbNW0C9XopxGBS0hlUQVLKvKMQBF3olARcqlzoxw9nKmP\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6b79ba0569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":843,"size_decoded":843,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e00cc2f4af11fdb292df12413ea8e367","sha1":"6b882ff6e0e5e240f883e1aff33f9c3458255d12","sha256":"c87a43546280f15adce3a2c32507ae766bc601ad327c3a1fc3ab8dba4465fa03","sha512":"0e8b1648d1770f453d94c795b8b4a282210f0ec18e2dd71362fba4fcb3f54808a75cdc5b1e8a2eb2de94f163fd18228791169d1648842d96361ebeebd53d51c2","ssdeep":"","tlshash":"5e1127c54e95e4562a0953db33f001a22537bc85e4f61b00daf17477b629844c7f3ce4","first_seen":"2023-06-11T20:55:57Z","last_seen":"2024-08-21T08:57:52.931482Z","times_seen":2251,"resource_available":false,"data":null}},"time_used":573,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":573,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/loding_files/blue-spinner-processing-step-07.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsw.usspawy.top/index_files/logo_mobile.svg","fqdn":"upsw.usspawy.top","domain":"usspawy.top","tld":"top"},"ip":{"addr":"104.21.12.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsw.usspawy.top/pg?do=index","date":"2024-03-18T05:42:49.492Z","timestamp":1710740569492,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usspawy.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 06 Mar 2024 21:50:55 GMT","end":"Tue, 04 Jun 2024 21:50:54 GMT"},"fingerprint":{"sha1":"6F:6F:27:BB:88:57:7C:40:4A:E8:11:1E:77:E2:4C:AC:68:3C:7E:93","sha256":"3C:08:C5:7E:ED:22:75:50:2C:4F:0E:9B:BC:A7:86:49:38:31:2B:A7:D3:B3:47:61:AA:A3:AD:59:BC:A8:5E:D3"}}},"request":{"raw":"GET /index_files/logo_mobile.svg HTTP/1.1\r\nHost: upsw.usspawy.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsw.usspawy.top/pg?do=index\r\nCookie: ASP.NET_SessionId=kc01twvhjbvxqyjx5kw1aqse\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Mar 2024 05:42:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 29 Nov 2023 15:56:39 GMT\r\netag: W/\"d0e19ca3dc22da1:0\"\r\nx-powered-by: ASP.NET\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=w0zQGtZrpnGIffFb2nmnFEf%2F4Knh8J%2B%2BGlrmAcbHsRYW%2Bcveui%2BZ59zmydtkKXHWwey%2FhFrBWaCIVXFmVBZk7QjOAMygWAbXczJVZDuuyaradnHR5GEn65rip4PO4VnJ63jx\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8662e6cf4a53569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2060,"size_decoded":2060,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e2168d4dc7567ef926b7623237981a82","sha1":"e316de76563718e76dca3496358cd6364e283f94","sha256":"bea15c662f2670c57110879e989f6312ce35fe454a22a7b46b2b63e908337784","sha512":"8744e9098aa89579616f8ba79f1288f51a70a8fd017a0c1d182e0460e7f964b3d490f0aed8041695e8a7898cb3bd201cd909224a81c87ecd6c16dbee1bef95ab","ssdeep":"","tlshash":"7041997b4774f6a96a49037698f800892033ec9bb0b497f467ab3416e09ccd4e69dca4","first_seen":"2023-05-04T07:31:04Z","last_seen":"2025-04-05T12:32:02.752395Z","times_seen":3319,"resource_available":false,"data":null}},"time_used":582,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":582,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-03-16","alert":"United States Postal Service","trigger":"upsw.usspawy.top/","verdict":"phishing","severity":"medium","comment":"United States Postal Service","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2024-03-16","alert":"Other","trigger":"upsw.usspawy.top/index_files/logo_mobile.svg","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}}]}