Report - fjkkeqg.live/us/

Report Overview

Visited public
2025-06-11 15:15:17
Tags
usps logistics phishing
URL
fjkkeqg.live/us/
Finishing URL
fjkkeqg.live/us/
IP / ASN
172.67.196.212
#13335 CLOUDFLARENET
Title
Welcome | USPS
Phishing - US Postal Service
Phishing - Generic phishing
Phishing - Generic Phishing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fjkkeqg.live	unknown	2025-06-10	2025-06-11	2025-06-11	3.7 kB	3.0 MB	104.21.92.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	fjkkeqg.live/us/assets/fliceXIj.js	ScriptElement	36 kB	2025-06-10	2025-06-11
Pretty URL fjkkeqg.live/us/assets/fliceXIj.js IP 104.21.92.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-10 16:25 Last Seen2025-06-11 15:15 Times Seen3 Hash f5824bc5b1d2b8c2c5a9577aedcbc732 7d256635eaf9eac978baa6eeff210917178dc3c0 d95c681acdc0f86ab7c9e780459b9438422f7cf067a59822a9916477770e2d7d Loading...

	fjkkeqg.live/us/	ScriptElement	314 B	2023-03-11	2025-06-14
Pretty URL fjkkeqg.live/us/ IP 104.21.92.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 11:23 Last Seen2025-06-14 15:10 Times Seen5787 Hash cd7a34e714de94d5c29b8ac5acdde24b b722bccb435490630d97ef88cafeb02d92f70fd0 312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71 Loading...

	fjkkeqg.live/us/	ScriptElement	84 B	2023-04-07	2025-06-14
Pretty URL fjkkeqg.live/us/ IP 104.21.92.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 06:55 Last Seen2025-06-14 15:10 Times Seen14358 Hash 528dd01eb509d1fc3c68b48e165c9d77 8d702f33d869eb8c53cf75c17014f96385322395 b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a Loading...

	fjkkeqg.live/us/assets/CvbGxAYE.js	ScriptElement	1.4 MB	2025-06-10	2025-06-11
Pretty URL fjkkeqg.live/us/assets/CvbGxAYE.js IP 104.21.92.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-10 16:25 Last Seen2025-06-11 15:15 Times Seen3 Hash 00bae818cfdf6e5989830a1d966a0ce6 ae662aa6867141ac672e44e0dc973ce0d2ed86a7 a8d2ac8f18f51fc6ab1685fd4664864c3eb2624ab93c049434eace7e5d137afc Loading...

HTTP Transactions (8)

URL IP Response Size

fjkkeqg.live/us/assets/CvbGxAYE.js

104.21.92.174

200 OK

1.4 MB

URL GET
fjkkeqg.live/us/assets/CvbGxAYE.js
IP
104.21.92.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fjkkeqg.live/us/
Certificate
IssuerGoogle Trust Services
Subjectfjkkeqg.live
FingerprintED:BF:AB:E2:3C:2C:40:70:C1:34:11:27:97:FC:1A:A5:AE:0A:BA:A3
ValidityTue, 10 Jun 2025 14:05:28 GMT - Mon, 08 Sep 2025 15:04:08 GMT

File type
JavaScript source, ASCII text, with very long lines (30588)
Size
1.4 MB (1353720 bytes)
Hash
00bae818cfdf6e5989830a1d966a0ce6
ae662aa6867141ac672e44e0dc973ce0d2ed86a7
a8d2ac8f18f51fc6ab1685fd4664864c3eb2624ab93c049434eace7e5d137afc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - Generic phishing
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /us/assets/CvbGxAYE.js HTTP/1.1
Host: fjkkeqg.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fjkkeqg.live/us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 15:14:43 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 11 Jun 2025 15:14:43 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YR9eaJexhrLwfifWTx4dcqlzEI2mL2NsH%2Ft4LEe4BMYy5ZlB8IsVDIxc7zkmWScLhGcGIr%2FJJQKRxvTtysepsM4WJ9%2FLHlDcSms%3D"}]}
cf-ray: 94e20f4cdff5568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fjkkeqg.live/front/checkIp?token=123

104.21.92.174

200 OK

226 B

URL GET
fjkkeqg.live/front/checkIp?token=123
IP
104.21.92.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fjkkeqg.live/us/
Certificate
IssuerGoogle Trust Services
Subjectfjkkeqg.live
FingerprintED:BF:AB:E2:3C:2C:40:70:C1:34:11:27:97:FC:1A:A5:AE:0A:BA:A3
ValidityTue, 10 Jun 2025 14:05:28 GMT - Mon, 08 Sep 2025 15:04:08 GMT

File type
JSON text data
Size
226 B (226 bytes)
Hash
7da9fd58e6f51648b4427516e92bb2d6
a9eb307e9dbe467dfd9a992ec43f5ad8745bb191
af5dc3980580b191347817c2f9d0fc3943ffe9fd53d76bee95e0855289769f39

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /front/checkIp?token=123 HTTP/1.1
Host: fjkkeqg.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fjkkeqg.live/us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 15:14:45 GMT
content-type: text/plain;charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mIv4DZNYKbFayOe6Lw4WodfeUeeya6gqwsGYQum4D%2FDh9NCdEMb12mwkBMkLnp2LE53j1CF0G6x8S4Kc744%2FbXFOXt%2B8SYt0XWu7hYXK94PeyscSCgkrmFI5Z5Qc%2BMI%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94e20f564a7956ae-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2699&min_rtt=578&rtt_var=1887&sent=141&recv=209&lost=0&retrans=0&sent_bytes=10804&recv_bytes=11637&delivery_rate=599515&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=8853d8537b41d92f&ts=2187&inflight_dur=32&x=80"

fjkkeqg.live/us/

104.21.92.174

200 OK

2.4 kB

URL User Request GET
fjkkeqg.live/us/
IP
104.21.92.174:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectfjkkeqg.live
FingerprintED:BF:AB:E2:3C:2C:40:70:C1:34:11:27:97:FC:1A:A5:AE:0A:BA:A3
ValidityTue, 10 Jun 2025 14:05:28 GMT - Mon, 08 Sep 2025 15:04:08 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (433)
Size
2.4 kB (2445 bytes)
Hash
aa0d5e28eb093d070f8b2afa3ff9e65f
65c52fe53d38a516d082e86d0fe95619335b7dd2
0fdd04bdcdea6570a25582c2264c422ea2a10ecf47ffcb3725198ae185d12e24

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /us/ HTTP/1.1
Host: fjkkeqg.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 15:14:43 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=03FUxdiRmh%2FAozJW9b2Bsm9U35TBC3GjKwegNIwYAV7tn5IsJnnuWg7c1ffbuA7jDUVAjniOZwRGp2LtoPZS2O19ohMA3O%2FQNzY%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94e20f480fff568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fjkkeqg.live/us/assets/fliceXIj.js

104.21.92.174

200 OK

36 kB

URL GET
fjkkeqg.live/us/assets/fliceXIj.js
IP
104.21.92.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fjkkeqg.live/us/
Certificate
IssuerGoogle Trust Services
Subjectfjkkeqg.live
FingerprintED:BF:AB:E2:3C:2C:40:70:C1:34:11:27:97:FC:1A:A5:AE:0A:BA:A3
ValidityTue, 10 Jun 2025 14:05:28 GMT - Mon, 08 Sep 2025 15:04:08 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (36027), with no line terminators
Size
36 kB (36028 bytes)
Hash
f5824bc5b1d2b8c2c5a9577aedcbc732
7d256635eaf9eac978baa6eeff210917178dc3c0
d95c681acdc0f86ab7c9e780459b9438422f7cf067a59822a9916477770e2d7d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /us/assets/fliceXIj.js HTTP/1.1
Host: fjkkeqg.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fjkkeqg.live/us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 15:14:43 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 11 Jun 2025 15:14:43 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=klWRr79X%2FBOfsuHAcQ7fy7rfFRBIlc6qYrTYo5OkbB23QMQYHXw21qVrx2hyNzTvbHVPZ7K1EejK6IC8lJlPQevtWfD90beCouQ%3D"}]}
cf-ray: 94e20f4cdff4568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fjkkeqg.live/us/assets/BlYYgT45.css

104.21.92.174

200 OK

1.5 MB

URL GET
fjkkeqg.live/us/assets/BlYYgT45.css
IP
104.21.92.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fjkkeqg.live/us/
Certificate
IssuerGoogle Trust Services
Subjectfjkkeqg.live
FingerprintED:BF:AB:E2:3C:2C:40:70:C1:34:11:27:97:FC:1A:A5:AE:0A:BA:A3
ValidityTue, 10 Jun 2025 14:05:28 GMT - Mon, 08 Sep 2025 15:04:08 GMT

File type
ASCII text, with very long lines (65319), with CRLF line terminators
Size
1.5 MB (1545490 bytes)
Hash
f781bea0af042e8d285d51249c379626
7b4bba7e3a15f8bee6dd2f77e8a167297e80d9e1
01bc607d9314f4a325c69b81cb1fc0309f010d72c213a6f55d72cdf47d058f2b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /us/assets/BlYYgT45.css HTTP/1.1
Host: fjkkeqg.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fjkkeqg.live/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 15:14:43 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 11 Jun 2025 15:14:43 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CIOF6KB%2BQmcZDMNBevR379N8JRQthrSFZzpg1tfyZROo0GYEMjkKKf5Ymce67kmpFZGkPZOA0I0Sa%2Bp%2F1xwTaGWJtxUlvMUEj9I%3D"}]}
cf-ray: 94e20f4cdff8568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fjkkeqg.live/us/assets/BHcjXi3x.gif

104.21.92.174

200 OK

60 kB

URL GET
fjkkeqg.live/us/assets/BHcjXi3x.gif
IP
104.21.92.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fjkkeqg.live/us/
Certificate
IssuerGoogle Trust Services
Subjectfjkkeqg.live
FingerprintED:BF:AB:E2:3C:2C:40:70:C1:34:11:27:97:FC:1A:A5:AE:0A:BA:A3
ValidityTue, 10 Jun 2025 14:05:28 GMT - Mon, 08 Sep 2025 15:04:08 GMT

File type
GIF image data, version 89a, 256 x 256
Size
60 kB (59994 bytes)
Hash
fadd89694f57f3d6143989b62b09b288
1c6d340af3c4b392538a96c9313136fb23087aa0
7515437df23c4af47700948c1650f0f9460da07e86a9447d33cfda1f36c91052

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /us/assets/BHcjXi3x.gif HTTP/1.1
Host: fjkkeqg.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fjkkeqg.live/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 15:14:43 GMT
content-type: image/gif
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 11 Jun 2025 15:14:43 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4PuWHt1lKbzDJyBJL%2FcGlFtR5jirx%2Bd6jxf8DGh%2BcXmfEv%2BoCys4D%2FEFtVRe4vFVt4Qi%2FFjrFvfL0BXXOtBryy5T%2BYmQpzaS70E%3D"}]}
cf-ray: 94e20f4cdffa568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fjkkeqg.live/us/favicon.ico

104.21.92.174

200 OK

32 kB

URL GET
fjkkeqg.live/us/favicon.ico
IP
104.21.92.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fjkkeqg.live/us/
Certificate
IssuerGoogle Trust Services
Subjectfjkkeqg.live
FingerprintED:BF:AB:E2:3C:2C:40:70:C1:34:11:27:97:FC:1A:A5:AE:0A:BA:A3
ValidityTue, 10 Jun 2025 14:05:28 GMT - Mon, 08 Sep 2025 15:04:08 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
32 kB (32038 bytes)
Hash
3f0f72ed57a54b97cda500bcf0545efb
2f252619c18e729d98e16b96d37cd7cd567b38eb
67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /us/favicon.ico HTTP/1.1
Host: fjkkeqg.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fjkkeqg.live/us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 15:14:45 GMT
content-type: image/vnd.microsoft.icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zRiVWWWjTDab3hRHzOqCzexKO2dv9MH300IqThXNcOCoFB8S%2FyNsYcUJvwZZPJM85qn5pM2d7Tfn%2F%2F%2BmAcslYsPDefjgivsc8lx4Sf%2FpIFkocRiFkyneb8jyfLBJ00%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 11 Jun 2025 15:14:45 GMT
cf-ray: 94e20f597a8e56ae-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2819&min_rtt=578&rtt_var=1655&sent=143&recv=211&lost=0&retrans=0&sent_bytes=11732&recv_bytes=11963&delivery_rate=599515&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=8853d8537b41d92f&ts=2671&inflight_dur=56&x=80"

wss://fjkkeqg.live/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6NDk4Mjl9.UksdU05gMYcYFpsmRpS01XGJzvZtfyeYmJY2N-C1pj8

104.21.92.174

101

0 B

URL GET
wss://fjkkeqg.live/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6NDk4Mjl9.UksdU05gMYcYFpsmRpS01XGJzvZtfyeYmJY2N-C1pj8
IP
104.21.92.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fjkkeqg.live/us/
Certificate
IssuerGoogle Trust Services
Subjectfjkkeqg.live
FingerprintED:BF:AB:E2:3C:2C:40:70:C1:34:11:27:97:FC:1A:A5:AE:0A:BA:A3
ValidityTue, 10 Jun 2025 14:05:28 GMT - Mon, 08 Sep 2025 15:04:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6NDk4Mjl9.UksdU05gMYcYFpsmRpS01XGJzvZtfyeYmJY2N-C1pj8 HTTP/1.1
Host: fjkkeqg.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://fjkkeqg.live
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BbnZgcMIdVBrUrPrwygPsw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 
Date: Wed, 11 Jun 2025 15:14:45 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: v0zeo1BghwdBD226iYPQXutYuUg=
Sec-WebSocket-Extensions: permessage-deflate
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qKlugRdAQwIxPoZhU1gusY%2BlOdOL6rxpE8GT6oRtGU20EW2vWKL8WJc8eRHO57RvLZjnGcqgJogLRYonFCEHSQuwfTQ8vNf4%2FSouyCVeMgDipSn7io77qBeKyIH9f0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 94e20f5a18cfb500-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=482&min_rtt=455&rtt_var=140&sent=5&recv=8&lost=0&retrans=0&sent_bytes=3112&recv_bytes=1258&delivery_rate=7702127&cwnd=252&unsent_bytes=0&cid=8ec8a530d9c8143c&ts=406&x=0"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers