r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2178
Expires: Tue, 28 Mar 2023 09:11:54 GMT
Date: Tue, 28 Mar 2023 08:35:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2216
Expires: Tue, 28 Mar 2023 09:12:32 GMT
Date: Tue, 28 Mar 2023 08:35:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13445
Expires: Tue, 28 Mar 2023 12:19:41 GMT
Date: Tue, 28 Mar 2023 08:35:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 08:28:01 GMT
content-type: application/json
age: 455
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: q0J49UJnEybVDyXCtuYL+krHlTi7YmDyH/ZPQJFftPnbrOkIVef0XyUr2TmvNfPpLg9xE8RvfVk=
x-amz-request-id: RSWWCRDYDX9A3ZYP
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 07:56:08 GMT
age: 2368
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 08:35:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 08:17:24 GMT
age: 1093
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5413
Expires: Tue, 28 Mar 2023 10:05:50 GMT
Date: Tue, 28 Mar 2023 08:35:37 GMT
Connection: keep-alive
push.services.mozilla.com/
35.162.98.11101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.98.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1v5VbYsrhI3Dw6iRBGLI2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PBJSRBQFmqg/a2hLPgk8k7vYsVw=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20941
Expires: Tue, 28 Mar 2023 14:24:39 GMT
Date: Tue, 28 Mar 2023 08:35:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20941
Expires: Tue, 28 Mar 2023 14:24:39 GMT
Date: Tue, 28 Mar 2023 08:35:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20941
Expires: Tue, 28 Mar 2023 14:24:39 GMT
Date: Tue, 28 Mar 2023 08:35:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e828b7227de7aa7a7b7c54c96e0cef9a
9a717142ab25dabf9123485ef51ed586662d2a71
0390f8771432de010cc11e11be2e2dfa7c303664858a5b066e66a628a1f3dd66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 05cb5115-a27b-485a-89fd-670bdb5bb06f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbofHHPIAMFkQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-774bb5d725336b35088e2527;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: NcKs_URb5dFDbkEoCqy2_fjKWneX7mifmEbd5MA5unqkhiPAIH9GPg==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 38728
etag: "9a717142ab25dabf9123485ef51ed586662d2a71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15e37de1dba62187e1e5f012145813f3
cfe8cd953330252e15594f403e2f38ec56acdfd7
89bf7dbcf5a7fca006545f001b47de0ab6f94014de4bd4c519f6050e6daa5aa0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6542
x-amzn-requestid: 1106a670-cf68-4e3d-b5af-3013407acc5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbsjGAaoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cb6-726c7ba02ddb31182834d82d;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:58 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TTkQTse69m-F42cDPL9Ekonn48FG74B_3jFCpvBEa7au89m0_JE3og==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:06:45 GMT
age: 37733
etag: "cfe8cd953330252e15594f403e2f38ec56acdfd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e7f11a7b2bcf82694495805df139feed
45e59e98fb4aeb3ca44c15e3e3bb77466cffe5e6
96ba810197f578fb975bd853acbe948c8e984a7b94d172305d411d4381cf80ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 7e76212a-4621-45ca-9212-da6957f4861f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdb5bGSiIAMFtoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220d08-507bf48c3eeba38b719de318;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:39:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: Zy7ItZQS-88zGHgnpCOzsRh6BL36AzV2MM-zUB5nCcLnaqgbJh8NxA==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:14:11 GMT
age: 37287
etag: "45e59e98fb4aeb3ca44c15e3e3bb77466cffe5e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada29e049501b12a35b0bcc5f68e3e57
5c1ba9bffbcc9007e7f119dbb3197db34a12f8da
b45583b5845129386a456e03fbdba25305c8d6d9fb5a8f01d783816ced080629
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10744
x-amzn-requestid: d693d820-7eed-47a3-9b0b-8f43c141bd3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbogF0poAMFTAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-22ab350146e8a3a606f74c42;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: uCaEsILUx4u_fBJ7J9CgQanUW-BmV69mFvGRjZ0roFWluE_joVyVrA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:48:21 GMT
age: 38837
etag: "5c1ba9bffbcc9007e7f119dbb3197db34a12f8da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 38728
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5d955ec5d3a9f655e4ca0523acfd039
e8b2cd28a02a2cee1b4e57c57570f2598721ff57
e7753ef91d6f04dce00f83cb1ba3ea4f1abb52140993fbee375e506597cee529
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6970
x-amzn-requestid: 9f7a82d7-dbba-4c67-a330-6a7f2b68177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdn3zGn7oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64222031-1d97c16f7a9c163c02fe72ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 23:01:05 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tFYFwzjyNtfiOJ3pLPC126YgOclndkmPYWrFTdLcWP9LgP9xjj_snQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 23:12:05 GMT
age: 33813
etag: "e8b2cd28a02a2cee1b4e57c57570f2598721ff57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nhzava.xyz/wp-admin/uspstrack/verification/
103.191.240.112200 OK 52 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1057)
Hash f3b62879f3f97e23881c805f96d242dd
798e48b8916eb1e22903a3e8a11c1efc50580946
a40b012269a3c3d12cb49a29066409d0a17675a6fb930881a08dffb65fd1b8c9
GET /wp-admin/uspstrack/verification/ HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
nhzava.xyz/wp-admin/uspstrack/verification/files/metrics-all.js
103.191.240.112200 OK 11 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/metrics-all.js
IP 103.191.240.112:0
File type ASCII text, with CRLF line terminators
Hash 65ab5df156a2a51b278f9967fc154f28
db841daeeb75283b73216a616f52489f6f3bebc3
c7a923623e0ef6cf3ec2c4afa6b3f757ee1f183ac9503e7295629fff50a27597
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/metrics-all.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:39 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 11230
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/footer.css
103.191.240.112200 OK 2.9 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/footer.css
IP 103.191.240.112:0
File type ASCII text, with very long lines (2933), with no line terminators
Hash 530d53f217d1c2dcd18267587f66d557
2011593916b3fd3cbc0cf618807d7e7b1467fa68
918439d31704a7efd16b3c23a42ea7e48f21fb008096b45d217444f3e28e1fc5
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/footer.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:39 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 2933
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nhzava.xyz/wp-admin/uspstrack/verification/files/calendar.css
103.191.240.112200 OK 15 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/calendar.css
IP 103.191.240.112:0
File type ASCII text, with very long lines (14589), with no line terminators
Hash 21b96abf877a23a0f752c929993c8129
ede223c9648da1d6ad38f463fa71e934b2daa4b7
b6b538331a7716ca132d0fbbdc31e51a5c17047c14474e3f738f70472f08473d
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/calendar.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:39 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 14589
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
nhzava.xyz/wp-admin/uspstrack/verification/files/datepicker3.css
103.191.240.112200 OK 21 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/datepicker3.css
IP 103.191.240.112:0
File type ASCII text, with very long lines (20872)
Hash 3f191e9506e3df8a493126d277bf2155
3cfd9acd0a02ba1a770b31b665599cd18544c1c7
b02fa0b7acc5f314a89a9e9c493ba6f13500cc9fb8374a3111ab6fa67500be3d
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/datepicker3.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:39 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 21117
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
nhzava.xyz/wp-admin/uspstrack/verification/files/jquery.min.js
103.191.240.112200 OK 85 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/jquery.min.js
IP 103.191.240.112:0
File type ASCII text, with very long lines (65453)
Hash 8234c1aca62c1e09cc00f7fb5908d309
831062e805247046abdbab52149b03604119fd11
e1ee1eb92c6acc3fbf821c99963ad92dd9954d576eababe7f6df6800f91bc062
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/jquery.min.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:39 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 84832
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/tracking-cross-sell.css
103.191.240.112200 OK 3.1 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/tracking-cross-sell.css
IP 103.191.240.112:0
File type ASCII text, with very long lines (3075), with no line terminators
Hash 2c6c2bae5d602f55892faeaa1a4ff974
3c5fba164e02726bf62e8d5f7f70984e8208dd5e
0c49eb2734535aca911b921f734594a8bc288ffd69ac85beef19da552a105dde
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/tracking-cross-sell.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 3075
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
nhzava.xyz/wp-admin/uspstrack/verification/files/optimize.js
103.191.240.112200 OK 93 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/optimize.js
IP 103.191.240.112:0
File type ASCII text, with very long lines (1972)
Hash 8a59b241d202a479a0b46f967afcfefa
2e3e28efbc1d20256eabb526bc59b2ac17dc90f7
611e8b291568bc69886b5cf92f1cf782092132d85098e851013bcff53c3f5c92
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/optimize.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:39 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 93069
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/jquery-ui.min.css
103.191.240.112200 OK 32 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/jquery-ui.min.css
IP 103.191.240.112:0
File type ASCII text, with very long lines (29153), with CRLF line terminators
Hash f317653127e1c9f7f5e3cb37fe9db946
35ca56f8f7395d30c95d97a8c00ede0c7cd03af9
cd4e2cd505b71a38c564a21fec47a02c21555e2b1f91ba7b6d4cbdb04de4e082
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/jquery-ui.min.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 32025
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
nhzava.xyz/wp-admin/uspstrack/verification/files/schedule-redelivery.css
103.191.240.112200 OK 23 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/schedule-redelivery.css
IP 103.191.240.112:0
File type ASCII text, with very long lines (23038), with no line terminators
Hash bdfffbb68be1fd26eb09e327bed45351
d197097d59665e71528a1b4d76073526e857ef1b
f4e8195415de924f3045e054704c9ef253097a3d7e1e556a43083132b17467ac
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/schedule-redelivery.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 23038
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
nhzava.xyz/wp-admin/uspstrack/verification/files/require-jquery.js
103.191.240.112200 OK 74 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/require-jquery.js
IP 103.191.240.112:0
File type ASCII text, with no line terminators
Hash ea38e8196b75d9720bc3902d6d735130
165284464c58d7f213c1211f2c433873299e4527
cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/require-jquery.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 74
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
103.191.240.112200 OK 80 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
IP 103.191.240.112:0
File type ASCII text, with very long lines (49380), with CRLF line terminators
Hash 7d15375181a241207e9c42a1d8101cda
9643ecfa8d6b3958c3cb02c2d5a2df0a1e3a7de0
9c5ce7229f264a3bc86d1bf6482cc721484f24afef2d070d5b14083f4d6425f5
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/main.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:39 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 79631
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
nhzava.xyz/wp-admin/uspstrack/verification/files/helpers.js
103.191.240.112200 OK 695 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/helpers.js
IP 103.191.240.112:0
File type ASCII text, with very long lines (695), with no line terminators
Hash 5372347b4f98f60b33579180ef6a3567
02064f1641c40b35c14a0da9ee310de54ff76cd5
7fa317b049ed33139394313aba29f27b7f11a226270bf10ce1c26d674c0177e4
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/helpers.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 695
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/search-fe.js
103.191.240.112200 OK 2.2 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/search-fe.js
IP 103.191.240.112:0
File type ASCII text, with very long lines (2235), with no line terminators
Hash 418d20c9da7f39976dcd043467cd9c05
242c058aa62349fe3fa781ce9ef622f882c73d6a
55bf60330b23f3982e77dd63d9796997da15a61bddec70142f2c7eefed880c66
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/search-fe.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 2235
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/bootstrap.min.css
103.191.240.112200 OK 121 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/bootstrap.min.css
IP 103.191.240.112:0
File type ASCII text, with very long lines (65371)
Size 121 kB (121091 bytes)
Hash 148113d0fc5638a9c63faa0852746a28
376560faf7b32f3768f9cceb0813cdc6125d6269
18961a60d0e8347696fb7f0b322232eef10638dcb029f9d3961f9db7e0a787cc
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/bootstrap.min.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:39 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 121091
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nhzava.xyz/wp-admin/uspstrack/verification/files/qt.css
103.191.240.112200 OK 51 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/qt.css
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1599), with CRLF, LF line terminators
Hash ea7441cf1694e85f90f0b0f6e4e4f607
d7b4c31f8d76d0cf4da99e2f2dbab97c4f441b33
1925ce0c88a54751f2da5f3e2d1d2fb0af80296c205c41e940bb34765944387a
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/qt.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 51200
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
104.17.225.78200 OK 0 B URL HTTP/2 fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
IP 104.17.225.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:35:40 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: T0ZH1hXNoB6jtguc1LneBuShAW+pnL1xXkATYgstf9s/Ek+CPWrz2AkHZOlSFb4Uzx1M4Yl24Z8=
x-amz-request-id: PR33JFF0ZQ6CYPJT
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 265661
accept-ranges: bytes
set-cookie: __cf_bm=HtPmyvqQOXuJUpsZBO6revgIlVJWv8W4aZjUEuduhpE-1679992540-0-AYKVgiEaW7rKJQNMe6rsPtVxpi3+NAOL1MCKEF+CYaViBIDmZTnqn+LmoI6GpuoUqSnvBayKFng8p2C67eomLdY=; path=/; expires=Tue, 28-Mar-23 09:05:40 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aee8a82abf01c0a-OSL
X-Firefox-Spdy: h2
nhzava.xyz/wp-admin/uspstrack/verification/files/jquery.min.js(1).download
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/jquery.min.js(1).download
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/jquery.min.js(1).download HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/files/resize-manager.js
103.191.240.112200 OK 1.0 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/resize-manager.js
IP 103.191.240.112:0
File type ASCII text, with very long lines (1040), with no line terminators
Hash 90d8fb00194d91e9dd20281817c285d6
e7e37421b14a39e0d3787988a52a45d27ec3761f
479b585bb1f3ca011746467c115b58ca0cd6ac62aa68c9d953635b3344953887
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/resize-manager.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 1040
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/jquery-3.5.1.js
103.191.240.112200 OK 90 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/jquery-3.5.1.js
IP 103.191.240.112:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 9ac39dc31635a363e377eda0f6fbe03f
29fa5ad995e9ec866ece1d3d0b698fc556580eee
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/jquery-3.5.1.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 89476
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/megamenu-v2.css
103.191.240.112200 OK 45 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/megamenu-v2.css
IP 103.191.240.112:0
File type ASCII text, with very long lines (44725), with no line terminators
Hash e91ca0335745f99e25cbbf36fcfde992
993e87cedb80bbfe5a847fe9f4d957bfe8795549
8853e074638a2a37e8a4afe149f17dd1ce9c4d76d5c9e1614f59507c359f3927
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/megamenu-v2.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 44725
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
nhzava.xyz/wp-admin/uspstrack/verification/files/jquery-3.2.1.js
103.191.240.112200 OK 87 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/jquery-3.2.1.js
IP 103.191.240.112:0
File type ASCII text, with very long lines (32058)
Hash c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/jquery-3.2.1.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 86659
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/modernizr.js
103.191.240.112200 OK 11 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/modernizr.js
IP 103.191.240.112:0
File type HTML document, ASCII text, with very long lines (11084)
Hash 66e83c4165a234cdda478a9c55cb90db
22e9211030a1f612ef4acd010185181bde967307
779ab662607b48249e86f3c27e9eafff4bbc808b48899a439d5cd9b2c78f99e6
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/modernizr.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 11261
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/megamenu.js
103.191.240.112200 OK 14 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/megamenu.js
IP 103.191.240.112:0
File type ASCII text, with very long lines (3410), with CRLF line terminators
Hash f91cb845e3581dd07e23db07e02c2366
ffb9ee2cad8c59914fcc3000ba8153a167036738
df75a5a617c9d258b4127a64b9c19a4c2c8b95b2036b97530a3d513c672cf110
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/megamenu.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 13905
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/OneLinkUsps.js
103.191.240.112200 OK 3.6 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/OneLinkUsps.js
IP 103.191.240.112:0
File type ASCII text, with CRLF line terminators
Hash b60628830a1d34363f98c9443b856555
ba386fdd91d2db7fb6749982caa78bef59028077
68482663e769a15815d142d88f7a4d8105c02fe2bd37a9899a019b518f17a2b3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/OneLinkUsps.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 3639
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/require.js
103.191.240.112200 OK 17 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/require.js
IP 103.191.240.112:0
File type ASCII text, with very long lines (17192)
Hash 16e572a4f80526df4bc3cc7ff056a9a8
f23b5c2fd52e855245e3d2586cd911051561e64c
75237772a7bc8c6eaadbe642be69503335c5842af8981688250a8d4f0f61c377
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/require.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 17423
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/ge-login.js
103.191.240.112200 OK 9.3 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/ge-login.js
IP 103.191.240.112:0
File type ASCII text, with CRLF line terminators
Hash 252bc5d05d5ac9f132978968489a9b37
49cfe0b8d8d08038bf070f11addd9ab53c9ae67e
12de71624f55c7c5e1f462fdfde80f207c449f478917d21c82e65f5b9672cbfd
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/ge-login.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 9309
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/header-init-search.js
103.191.240.112200 OK 904 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/header-init-search.js
IP 103.191.240.112:0
File type ASCII text, with CRLF line terminators
Hash d8cb563907e68e9649948c6f521efe60
f5b7cf8123929db8162a2af51d07dd11c21fbac3
fd1e9eadb5698c1bc534ef8a75303b3b67f5e1ab7d1b217b27b09da42aa5036a
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/header-init-search.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 904
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
nhzava.xyz/wp-admin/uspstrack/verification/files/megamenu-additions.js
103.191.240.112200 OK 1.3 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/megamenu-additions.js
IP 103.191.240.112:0
File type ASCII text, with CRLF line terminators
Hash 847cc8bd91110ff714275c5a29fbd404
cff690cc070f9539cc1c325ed150b819018e8df7
a33554bd04b3364c1e47b719799ae0df426bb17f9c8ec422bb346227534ebdbd
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/megamenu-additions.js HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:40 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 1345
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.usps.com/assets/images/home/utility_languages.png
192.229.221.165200 OK 1.5 kB URL HTTP/2 www.usps.com/assets/images/home/utility_languages.png
IP 192.229.221.165:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 410956805d5701e87299cff412827e1a
5de9a390649dfc12e3d6df431140d499ad8abd67
6e727dbf5b0f4a3ec76762e445ad2c5cb750f7de41afb8b0342f903124d09826
GET /assets/images/home/utility_languages.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 26555
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "5b0-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7E8E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1456
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/utility_customer_service.png
192.229.221.165200 OK 1.3 kB URL HTTP/2 www.usps.com/assets/images/home/utility_customer_service.png
IP 192.229.221.165:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 3500d365cd94527c71fe9c70d5cda435
0c7bede628d74cefaf5fce1b675c0ce3c72c78c9
34b28a24c5414dab68a15be6613536d905faf33fbf1aed8ee4702caa60be9bca
GET /assets/images/home/utility_customer_service.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 26223
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "51b-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7EB6)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1307
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/holdmail.svg
192.229.221.165200 OK 768 B URL HTTP/2 www.usps.com/assets/images/home/holdmail.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 2f40bbb9da0d97f2ba3f3efcfd7533af
34c76f88cdda4be234b58a76e466bc7a972f14ea
f1d176e77951f74582e7e311d99f98f7ce582bdb30051987f257eb3393ee2069
GET /assets/images/home/holdmail.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26782
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "5a8-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7EFC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 768
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/stamps.svg
192.229.221.165200 OK 551 B URL HTTP/2 www.usps.com/assets/images/home/stamps.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 780aa534eb1541ac0834489beafdeea2
2593cddb6c1b7505016d3c1138e16ff556e42166
c2a1858fe0517c4c928dad150f22710f1771c1b43b92b79ceb0b20e44db61ee8
GET /assets/images/home/stamps.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 80852
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "44f-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7EC4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 551
X-Firefox-Spdy: h2
tools.usps.com/global-elements/header/images/utility-header/mailman.svg
192.229.221.165200 OK 904 B URL HTTP/2 tools.usps.com/global-elements/header/images/utility-header/mailman.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4bb1afb6143cb1307585f007399e0e4
7d28cd35cbdb8427d4a12274c3f455e57f4742e0
06410c31087cff92e7842a2e6aaef3b5b114192f77e2b652283250fdca6d5e30
GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
age: 54686
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "723-55885af730a40+gzip"
last-modified: Wed, 06 Sep 2017 13:54:41 GMT
server: ECAcc (dcb/7311)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 904
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/featured_clicknship.svg
192.229.221.165200 OK 493 B URL HTTP/2 www.usps.com/assets/images/home/featured_clicknship.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Hash efb53558ef3932a80523af92bdda2085
1a97f57d64bc76f296423e1ddbdba9bc71b6d754
f0a25ce9d4e04e6b12bfc528584d599d5e472238849b0e1c66ff5357058d38fe
GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26827
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dcb/7F6B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/calculate_price.svg
192.229.221.165200 OK 772 B URL HTTP/2 www.usps.com/assets/images/home/calculate_price.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 42af7d5484bf8f80ac930313caa5941f
c3dbaf338d7fa81845487333c0cba5b8341bd140
f8f9b52e8d7b815deba988cfcdc6596e9e7b6671075907290c8e96679b18fb2c
GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26750
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/7304)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/cards-and-envelopes.svg
192.229.221.165200 OK 1.1 kB URL HTTP/2 www.usps.com/test/nav/images/cards-and-envelopes.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5d63c3636efb2bbcb327ed13b714367b
c7e326811c101213173c2a585d1e9700731816ed
c63dd4b3239df8b0709202228ad62b9e06ec96c346d8f86f9e33a554973b795f
GET /test/nav/images/cards-and-envelopes.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 74991
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "8a9-560f10e8c16c0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:11 GMT
server: ECAcc (dcb/7F6F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1056
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/search.svg
192.229.221.165200 OK 795 B URL HTTP/2 www.usps.com/assets/images/home/search.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ccfe748c6040d78e356b03d1a731585e
3e15bb471b3c3d0a5cebc3ccd137b5daf9273b7e
9a1b75fecaa2e0de127c36ddbb63c1bc2c44b3f81eed395734dee1ce837162fe
GET /assets/images/home/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26121
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "5b9-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7F4B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/tracking.svg
192.229.221.165200 OK 844 B URL HTTP/2 www.usps.com/assets/images/home/tracking.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 04034bbe69ef912819cee070ff866703
2c96d71004568c2b460a7f8b796ae45ad89999ec
959755a6f38fb278acd6abb223db552ecf757c291f437149663009aafb83a181
GET /assets/images/home/tracking.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 42992
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "619-5494e7f71e280+gzip"
last-modified: Fri, 24 Feb 2017 22:46:18 GMT
server: ECAcc (dcb/7E95)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 844
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/location.svg
192.229.221.165200 OK 1.2 kB URL HTTP/2 www.usps.com/assets/images/home/location.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9d8433f178d5a7b839a8bf25552c62b0
c21cec68e524862992f4aa51bf6955b953a65112
d01cb5a23f9b7f4a0a3db27cfd3d90e3813e75ed498fdbabe4df3a859390bd4f
GET /assets/images/home/location.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26308
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "a1a-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7F25)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1209
X-Firefox-Spdy: h2
www.usps.com/global-elements/header/images/utility-header/search.svg
192.229.221.165200 OK 795 B URL HTTP/2 www.usps.com/global-elements/header/images/utility-header/search.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 78562ea313af96eca6581054fdbbc76c
b0f3fd320af131b3787b39c864ecac52de12a75e
7932a41ccc861366f60896fe808612a1361c85d654aef21c5d54f7673141c0a9
GET /global-elements/header/images/utility-header/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26107
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "5b9-549b126599f40+gzip"
last-modified: Wed, 01 Mar 2017 20:28:05 GMT
server: ECAcc (dcb/7ECE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/po_box.svg
192.229.221.165200 OK 848 B URL HTTP/2 www.usps.com/assets/images/home/po_box.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a1feed192f3aca7fd02c00b6ee45bb07
fce52b953f90a873186cd2c3ddb26dcca41884be
88dcd2a8a6b055bf63763c0a86338f33b09a257c89e26a5ae6a364becf1ac122
GET /assets/images/home/po_box.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26729
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "667-5494e7f259740+gzip"
last-modified: Fri, 24 Feb 2017 22:46:13 GMT
server: ECAcc (dcb/7FD5)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 848
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/schedule_pickup.svg
192.229.221.165200 OK 923 B URL HTTP/2 www.usps.com/assets/images/home/schedule_pickup.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9f9e044f92360c82183e3a31b774e7b2
273798ee8d4dead89367b835cdb7f65f51e81b47
e4b7ae480aae11558a890826cde2cc6fa10039a787052dfc72cdad3e7a772373
GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26684
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "6ef-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/732F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 923
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/find_zip.svg
192.229.221.165200 OK 793 B URL HTTP/2 www.usps.com/assets/images/home/find_zip.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4b74917936300819402d564909e39a34
82c09f9b1fa78724d4843b28f12c52e8bb218f2a
d7178ea719cbe6f11c5da374dc26908b1ad0d05d34a33cd6e6d701f5e05c209b
GET /assets/images/home/find_zip.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26120
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "5bf-5494e7ed94c00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:08 GMT
server: ECAcc (dcb/7ECC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 793
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/gifts.svg
192.229.221.165200 OK 590 B URL HTTP/2 www.usps.com/test/nav/images/gifts.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e97f9908f9eef2a76ea4f48e00196980
f32d5a4b791567c690ea7095d93bec78e422db40
ad60c73a39b0fcd4b311654aab6f3954edb03f37034ad5567cf9f69d63d905f4
GET /test/nav/images/gifts.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26388
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "3ee-560f10e9b5900+gzip"
last-modified: Fri, 22 Dec 2017 17:22:12 GMT
server: ECAcc (dcb/7378)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 590
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/shipping-supplies.svg
192.229.221.165200 OK 1.3 kB URL HTTP/2 www.usps.com/test/nav/images/shipping-supplies.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7a8b39b328ba3e776e643f66844896e8
7a400d0f33c592651da919c728a30e46207a9449
05140d52bba76b4464360b852c3b78227cc2865c4512bf0010ee666f0c985f99
GET /test/nav/images/shipping-supplies.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26312
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "9f8-560f10eaa9b40+gzip"
last-modified: Fri, 22 Dec 2017 17:22:13 GMT
server: ECAcc (dcb/731F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1282
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/collectors.svg
192.229.221.165200 OK 561 B URL HTTP/2 www.usps.com/test/nav/images/collectors.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8439e88bd2e43656b157f9c184635032
ddcb40776177a5eac36973e53f2f8bab73e65ea3
5ea3f924c3453a9b8a3f79251377f385f83c8cf9618129427795adf186b9338e
GET /test/nav/images/collectors.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26699
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "461-560f10f803ac0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:27 GMT
server: ECAcc (dcb/7FEB)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 561
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/change_address.svg
192.229.221.165200 OK 935 B URL HTTP/2 www.usps.com/assets/images/home/change_address.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6c6d11d6d4ad880538ac8b3c9b244e35
d2f5a684574f89a8bdac4ac35508dc29c61e9771
7d2bde4b550c48e86e4d1c6a106d195b5a259f74e2ceeab0772712d356ae7eb9
GET /assets/images/home/change_address.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26780
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "74d-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/733A)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 935
X-Firefox-Spdy: h2
nhzava.xyz/wp-admin/uspstrack/verification/files/main-sb.css
103.191.240.112200 OK 8.8 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/main-sb.css
IP 103.191.240.112:0
File type ASCII text, with very long lines (8795)
Hash ff67eac943614ef903c2e84419a60f4c
565109b98747417724dafa5462a731c692178381
0863d2c590d46ad4b990232414eef23349ee4316ac4ccbf6f4618329539fb65a
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/main-sb.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 8796
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.usps.com/test/nav/images/business.svg
192.229.221.165200 OK 689 B URL HTTP/2 www.usps.com/test/nav/images/business.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3b81ef43fc5b08bab4155c5fed116dc9
a5a804fb2f8f51b3e588d4edb01752eba0380f8d
a513b0f2fb200e9cf7b30ccfbde98f79e87a027c256d99f3159ad22dcb5cc4cb
GET /test/nav/images/business.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26726
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "4d2-560f10e7cd480+gzip"
last-modified: Fri, 22 Dec 2017 17:22:10 GMT
server: ECAcc (dcb/7FBE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 689
X-Firefox-Spdy: h2
nhzava.xyz/wp-admin/uspstrack/verification/files/footer-sb.css
103.191.240.112200 OK 3.2 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/footer-sb.css
IP 103.191.240.112:0
File type ASCII text, with very long lines (3179), with CRLF line terminators
Hash 0466c7414c19b685bafe055bcd1d9d7b
29eb107ca7c4de31aaf2a9df8d9c8294d2c234ae
ccaebfd542fba2c3af8d9397e265345e7c7bec22c7c94f190ef7047e38479830
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/footer-sb.css HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 3181
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.usps.com/global-elements/lib/script/require-jquery.js
192.229.221.165200 OK 74 B URL HTTP/2 www.usps.com/global-elements/lib/script/require-jquery.js
IP 192.229.221.165:0
File type ASCII text, with no line terminators
Hash ea38e8196b75d9720bc3902d6d735130
165284464c58d7f213c1211f2c433873299e4527
cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9
GET /global-elements/lib/script/require-jquery.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 12481
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "4a-5057c23aa4c00"
last-modified: Wed, 15 Oct 2014 20:40:16 GMT
nncoection: close
server: ECAcc (dcb/7F20)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 74
X-Firefox-Spdy: h2
www.usps.com/global-elements/lib/script/helpers.js
192.229.221.165200 OK 358 B URL HTTP/2 www.usps.com/global-elements/lib/script/helpers.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (695), with no line terminators
Hash a94bd840611f82766bdd01435e0325d4
195b9eccc89fd504aaa416ecfc05b277e3b1862b
c9df217c213bc4a79f26f7996533f4e02e031f82d7f1b88ccdc0f39504573d46
GET /global-elements/lib/script/helpers.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 33719
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "2b7-505dad4fe5380+gzip"
last-modified: Mon, 20 Oct 2014 13:38:38 GMT
server: ECAcc (dcb/737D)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 358
X-Firefox-Spdy: h2
www.usps.com/global-elements/header/script/search-fe.js
192.229.221.165200 OK 930 B URL HTTP/2 www.usps.com/global-elements/header/script/search-fe.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (2264), with no line terminators
Hash 044ed97a28abfb41b4962d4be4f1a9a2
376bd4af5ff97565cf9565904b615bffbea08690
19c16113aa7d624c43ffefd992d78b420fc3a195d99578684d0abf52fbabce71
GET /global-elements/header/script/search-fe.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 53878
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "8d8-5d77081c47c40+gzip"
last-modified: Mon, 07 Feb 2022 16:58:17 GMT
server: ECAcc (dcb/7FD8)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 930
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nhzava.xyz
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Tue, 28 Mar 2023 08:35:41 GMT
server: ECAcc (ska/F779)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nhzava.xyz
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Tue, 28 Mar 2023 08:35:41 GMT
server: ECAcc (ska/F7BB)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nhzava.xyz
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Tue, 28 Mar 2023 08:35:41 GMT
server: ECAcc (ska/F7B7)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nhzava.xyz
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Tue, 28 Mar 2023 08:35:41 GMT
server: ECAcc (ska/F7A8)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nhzava.xyz
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Tue, 28 Mar 2023 08:35:41 GMT
server: ECAcc (ska/F6BE)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nhzava.xyz
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Tue, 28 Mar 2023 08:35:41 GMT
server: ECAcc (ska/F6EC)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/global-elements/footer/script/jquery-3.5.1.js
192.229.221.165200 OK 31 kB URL HTTP/2 www.usps.com/global-elements/footer/script/jquery-3.5.1.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 2a0ef702291c837a85b6c7c2275fdac6
7937023d7bc07c2a6d1e29f316836995fbdbf997
921bf2826576dbc494161d3021ee21b0b844ed89f0b2b630e7d579b69ab1a9ba
GET /global-elements/footer/script/jquery-3.5.1.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 14716
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "15d84-5affcd6633ac0+gzip"
last-modified: Wed, 23 Sep 2020 15:35:47 GMT
server: ECAcc (dcb/7F9B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 30950
X-Firefox-Spdy: h2
nhzava.xyz/wp-admin/uspstrack/verification/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/fonts/b0868b4c-234e-47d3-bc59-41ab9de3c0db.woff2 HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/images/nav-red-chevron.svg
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/images/nav-red-chevron.svg
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/images/nav-red-chevron.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/images/logo-mini.png
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/images/logo-mini.png
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/images/logo-mini.png HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/footer.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/files/go-now(2).png
103.191.240.112200 OK 27 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/go-now(2).png
IP 103.191.240.112:0
File type PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash b596424d2e958b51d7a68b46cadb6855
77eeeff212b8cd75a31beb954907e20bc5f8c831
daaeb825e97d878d0b5d5dfce37a2dd592ac0e1c5b887e24705835442d317365
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/go-now(2).png HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 26972
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
nhzava.xyz/wp-admin/uspstrack/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2 HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/fonts/462d508d-efc7-478f-b84e-288eeb69a160.woff2 HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.usps.com/global-elements/lib/script/resize-manager.js
192.229.221.165200 OK 468 B URL HTTP/2 www.usps.com/global-elements/lib/script/resize-manager.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (1040), with no line terminators
Hash 7dfda1d5c69fea0090eb0e1dd8f9cc69
731696ce554e4a61def2c1b2c42f593b2d663ec2
f59a56b127f6d56e1af875fde9db49dcd3fc70cd952445b3f0d259f4acc52a5e
GET /global-elements/lib/script/resize-manager.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nhzava.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 40326
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Tue, 28 Mar 2023 08:35:41 GMT
etag: "410-5057c23b98e40+gzip"
last-modified: Wed, 15 Oct 2014 20:40:17 GMT
server: ECAcc (dcb/7F54)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 468
X-Firefox-Spdy: h2
nhzava.xyz/global-elements/footer/images/footer-logo.png
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/global-elements/footer/images/footer-logo.png
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /global-elements/footer/images/footer-logo.png HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/footer-sb.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/files/logo-sb.svg
103.191.240.112200 OK 3.6 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/logo-sb.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0418f7120dc6cdd1d7aa0f8219ec9af2
3bb6c6edee3cc1c072117795611e2f67383cdc44
4b5aaf0dc8f59e71849219fae0a225aeb3914bebcc363753f22b5713627b0094
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/logo-sb.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 3557
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/go-now.png
103.191.240.112200 OK 20 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/go-now.png
IP 103.191.240.112:0
File type PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Hash d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/go-now.png HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 20334
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
nhzava.xyz/wp-admin/uspstrack/verification/files/go-now(3).png
103.191.240.112200 OK 20 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/go-now(3).png
IP 103.191.240.112:0
File type PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 6311ef7a60f86d77aa48fcc48a675a31
96bc8b2fe87b126ffbf0d7b7ad8419661cb6bd9c
70d715475fb0a4756fc65c50cbb2cf0ca15f7311efc6c54b18e045e6ab202251
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/go-now(3).png HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 19969
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
nhzava.xyz/wp-admin/uspstrack/verification/files/go-now(4).png
103.191.240.112200 OK 22 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/go-now(4).png
IP 103.191.240.112:0
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/go-now(4).png HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 22133
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
nhzava.xyz/wp-admin/uspstrack/verification/files/go-now(1).png
103.191.240.112200 OK 8.0 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/go-now(1).png
IP 103.191.240.112:0
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/go-now(1).png HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 8026
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
nhzava.xyz/wp-admin/uspstrack/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/files/tracking.svg
103.191.240.112200 OK 1.6 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/tracking.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 2fb7b372aea93502ca192e5a633d1aa1
ce358703cce32b2176cf6ec94e17341cb6f93f03
58ad849f3ea489d0b2ee4f0dd1e4fd0b613a5248fd6b127a4479646ce4735593
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/tracking.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 1561
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/files/mailman.svg
103.191.240.112200 OK 1.8 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/mailman.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1426a5796b4337302ee498d4a9265b38
c3b2b8042eb536d43101c5281d5aae8244d1e0e1
87f26b59587d5549f99b77e77519bf17b625c6a693931f54f62accac834e6ff1
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/mailman.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 1827
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/location.svg
103.191.240.112200 OK 2.6 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/location.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9b913bc84d41ec1c78da5889d36e1431
21b0075c9ec43a7ec769dde1d1ec8149b0686c0f
87d11356a8f76ef3af3c6d46bc4958cf3746e9a5b69e81d1df952b274319f539
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/location.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:41 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 2586
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/schedule_pickup.svg
103.191.240.112200 OK 1.8 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/schedule_pickup.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d627861a77e755da093cae9b4db00b7b
fc5ac7d6bc6bf06f53b399848be232b35aa2c5b1
2a5e1fdc8e264327be71c3063cc6bf1dd8a618576310a5d26dc31ba8d6f83616
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/schedule_pickup.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 1775
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/stamps.svg
103.191.240.112200 OK 1.1 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/stamps.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 2e722b55bb31b83042310fbf5b45128d
cb6cd5c99c06ba8c04c7795dea4d13241eaaa045
0b68e5b64999ab2e6d137a1886410cc9e8bed0b3863aacd838a3eb008f2bb516
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/stamps.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 1103
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/fonts/2381d918-136d-444f-8391-db0cba6da388.ttf HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/main.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/files/calculate_price.svg
103.191.240.112200 OK 2.3 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/calculate_price.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6204f7fb48ef86964b4b1cce343ebdde
d60b7e47e22615fdea2a24e102200090b466b862
edbb6a59137018b9a8229184aac04a2661787564cdf4484229bee96d7c11e771
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/calculate_price.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 2302
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/find_zip.svg
103.191.240.112200 OK 1.5 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/find_zip.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash e30aab66bad715f4fef4b6c42f8490d2
40be7a560b0687cf57c7ef0c0600ca08203a680c
aa6ff55c203834f667cbb01cedb0d409ff3b8f1b5a4de8c89a79b2e7034a8001
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/find_zip.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 1471
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/holdmail.svg
103.191.240.112200 OK 1.4 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/holdmail.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4c8f3d7064524311ef86ddd0ded768d1
53ca5f29f603435821d07019cf123e430626f54e
2d45f10e1a6925e9500a4fb6e0223ce4ddfb492a914472ca8229fa01e3f94afa
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/holdmail.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 1448
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/change_address.svg
103.191.240.112200 OK 1.9 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/change_address.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 3955e49630deb78cc1212ba20d83bafc
881ba502127d57c48784703683869abf4c8e28d8
b84842a014070d9363a46638e512476260162014c9bde4bcca7a9ade4177ea12
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/change_address.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 1869
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/po_box.svg
103.191.240.112200 OK 1.6 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/po_box.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d3793852de4f419211843c1f4c05ddb4
8c7eccab4e3865a04553d720c150e4506d8990a0
7487a4b55d8cb9a837520dcb7ea5e50c915b5797c165f9bf7a7a3f8fe468a0a0
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/po_box.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 1639
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/free_boxes.svg
103.191.240.112200 OK 1.1 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/free_boxes.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash dc788e0d1e8c7d9463a99882e622730c
a079d9612a9c119a9419b620d9dcfc141dd7e011
a3f1dfab56de547e28606e3e2150167339be6a35c8385486066924874d14df47
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/free_boxes.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 1066
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/featured_clicknship.svg
103.191.240.112200 OK 1.1 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/featured_clicknship.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Hash 375ed61778c1a49c8d1ea21f31748719
476785aa7126fbd9dcaa3bce84b57c3c120bd5a4
23edd9ac5dba678e1e5f97f2397a69d295e257c4a56e462c686557246081ffa2
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/featured_clicknship.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 1078
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/global-elements/header/images/package-intercept.svg
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/global-elements/header/images/package-intercept.svg
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /global-elements/header/images/package-intercept.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/megamenu-v2.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/global-elements/header/images/utility-header/mailman.svg
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/global-elements/header/images/utility-header/mailman.svg
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/megamenu-v2.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/global-elements/header/images/schedule-redelivery.svg
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/global-elements/header/images/schedule-redelivery.svg
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /global-elements/header/images/schedule-redelivery.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/megamenu-v2.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/global-elements/header/images/icon-personalize-stamped-envelopes.svg
103.191.240.112404 Not Found 315 B URL HTTP/1.1 nhzava.xyz/global-elements/header/images/icon-personalize-stamped-envelopes.svg
IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /global-elements/header/images/icon-personalize-stamped-envelopes.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/files/megamenu-v2.css
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nhzava.xyz/wp-admin/uspstrack/verification/files/hamburger.svg
103.191.240.112200 OK 546 B URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/hamburger.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash 37c94e8de8729be2b0b9833bafa28f3b
c675396f6d65666dd6047b6e92cbd5429556dbac
b95f434286744e3dbaf5bc56f41d4ce2640da3038461502f7ac243a5931e9435
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/hamburger.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 546
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/logo_mobile.svg
103.191.240.112200 OK 2.1 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/logo_mobile.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f8ad388b3e39b860c97de0029ae98a21
9b032ef4ef4100dda1ba44be4836e6956b11387c
9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/logo_mobile.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:03 GMT
Accept-Ranges: bytes
Content-Length: 2060
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/wp-admin/uspstrack/verification/files/search.svg
103.191.240.112200 OK 1.5 kB URL HTTP/1.1 nhzava.xyz/wp-admin/uspstrack/verification/files/search.svg
IP 103.191.240.112:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ace472e478185d5f5ecd18c7d821eff7
c4c97892e41d3dd838912c42fd7a7b212f671d1b
c8b13b10e28b6b420151db578831a416b7c1805d7672eeb57e69dc697fda1e27
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /wp-admin/uspstrack/verification/files/search.svg HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Last-Modified: Mon, 27 Mar 2023 21:30:02 GMT
Accept-Ranges: bytes
Content-Length: 1465
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/svg+xml
nhzava.xyz/favicon.ico
103.191.240.112404 Not Found 315 B IP 103.191.240.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
urlquery phishing Phishing - US Postal Service
GET /favicon.ico HTTP/1.1
Host: nhzava.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nhzava.xyz/wp-admin/uspstrack/verification/
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 08:35:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1