{"report_id":"99ec8f86-9236-4ebe-83b5-f9f1599059de","version":6,"status":"done","tags":["usps","logistics","phishing"],"date":"2023-08-23T17:46:12Z","url":{"schema":"http","addr":"upsserviceshelp.com/8b2a51b8607b0b8b9904e5c443fd39fa/?token=934ee66d8ca6e30fe5b9f745870f34cbeeb3130c72ffdc2185826384a817f8183ccef8004c179d79c81c78c1d56b0aba21530edc5ac5c49c2ab51349dd0fb307","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"ip":{"addr":"155.138.163.158","port":0,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"title":"USPS - Offer"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-28T08:36:48Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"upsserviceshelp.com","ip":{"addr":"155.138.163.158","port":0,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"domain_registered":"2023-08-22","domain_rank":0,"first_seen":"2023-08-22 22:46:04","last_seen":"2023-08-23 01:38:06","alert_count":6,"request_count":9,"received_data":39865,"sent_data":5970,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":175,"first_seen":"2018-07-01 08:43:07","last_seen":"2023-08-22 18:12:05","alert_count":0,"request_count":3,"received_data":2100,"sent_data":999,"comment":"","tags":null,"fingerprints":null},{"fqdn":"maps.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":33876,"first_seen":"2019-10-17 17:56:16","last_seen":"2023-08-23 05:10:06","alert_count":0,"request_count":2,"received_data":84238,"sent_data":890,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.sectigo.com","ip":{"addr":"104.18.15.101","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-08-16","domain_rank":487,"first_seen":"2019-11-29 12:50:24","last_seen":"2023-08-22 23:59:51","alert_count":0,"request_count":1,"received_data":964,"sent_data":330,"comment":"","tags":null,"fingerprints":null},{"fqdn":"devilsms.live","ip":{"addr":"199.188.200.254","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"2021-09-16","domain_rank":0,"first_seen":"2022-06-09 23:23:15","last_seen":"2023-08-08 22:36:19","alert_count":8,"request_count":8,"received_data":40913,"sent_data":4059,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"ip":{"addr":"155.138.163.158","port":0,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"bcc09075b1751dac2dd0df99783c78a3","sha1":"4d730f4032ac21b115905910d2853eb7249d563a","sha256":"96c875d292aaab9b960846cc196f292b70f8ee3c8e557470a95e9eccbb76b2bc","sha512":"12cbe195b1efe8c793d0b0d259f644f3ea03fe0e85e47ed849454cf2f02f6e59d8bd2d403e871c93e1ce145826b5dc588d23785a983d3afb232ac63227326ff1","ssdeep":"","tlshash":"2bf05976a1522830476635a96046468ee8b008200a1dd7d1c81c64f22c70b3df077b98","size":478,"data":"","first_seen":"2023-03-07T13:02:45Z","last_seen":"2024-11-07T10:09:02.591779Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/common.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2005cff13e09393e76f625c7c3e6d0b7","sha1":"47d240c168d611f38c102cf2b6320ea582e69e46","sha256":"50c76b6340f567a536017cdf52bef65fdbbec4d637253e823543059ac68c2fd1","sha512":"b7122caa3f4501f20c507addf63dc80c49f42dc7f3e28180db2a495d8b931ee2acd55517cd7a856402e2330975070a16c5cc49b5e36e1e5b57d58f6d31db5032","ssdeep":"1536:Nj2K0IVivAXiR1TtgigxMPZe0N+A//hMOhWv5iZqkQzV39NEkle8h:DVGAXmWiwo+A//hMOh85QqkQl9N95h","tlshash":"2273c59d725275a69317f0b9123f000ab13a64adf4484dacb24cd9e29ef585d02bbf7c","size":77983,"data":"","first_seen":"2023-03-07T13:02:45Z","last_seen":"2026-02-12T07:32:12.530746Z","times_seen":53,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/util.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"16b73dc0de9683fb153b38cf6b5a6e6d","sha1":"22261377b57577dcd8046a8970ef5c80aefdf5dc","sha256":"d9f2fabff1b5fdcf2833cdcca025f1ec73c4889c41410e8a018cb1a84bb6ac79","sha512":"1a7e0c0b5f44faf69fe8368b24ae68b95d0839a285785cf7b5a805837425da75e2b89e2f3d50624cc6eca540dde0bea983bed5c29581d2c3f1e11d74502bdf05","ssdeep":"3072:lfTnZQ5U/ay5v5b681Czm83dsFkP3T+jq:lfaMayV5b68EfNskP3T+jq","tlshash":"43e32aa8724270a98277f5f6053f104aa53e985af8054c7cb288d9e1ddf8c9d11bbf78","size":146194,"data":"","first_seen":"2023-03-07T13:02:45Z","last_seen":"2026-02-12T07:32:12.522809Z","times_seen":53,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"upsserviceshelp.com/8b2a51b8607b0b8b9904e5c443fd39fa/?token=934ee66d8ca6e30fe5b9f745870f34cbeeb3130c72ffdc2185826384a817f8183ccef8004c179d79c81c78c1d56b0aba21530edc5ac5c49c2ab51349dd0fb307","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"ip":{"addr":"155.138.163.158","port":0,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-08-23T17:45:46.723910518Z","timestamp":1692812746723,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /8b2a51b8607b0b8b9904e5c443fd39fa/?token=934ee66d8ca6e30fe5b9f745870f34cbeeb3130c72ffdc2185826384a817f8183ccef8004c179d79c81c78c1d56b0aba21530edc5ac5c49c2ab51349dd0fb307 HTTP/1.1\r\nHost: upsserviceshelp.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Wed, 23 Aug 2023 17:45:54 GMT\r\nServer: Apache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nSet-Cookie: PHPSESSID=50d9e5b075d9c9aae26a72da273e05ee; path=/\r\nLocation: ../index.php\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T05:33:01.117244Z","times_seen":15094316,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upsserviceshelp.com/index.php","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"ip":{"addr":"155.138.163.158","port":443,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-08-23T17:45:46.759Z","timestamp":1692812746759,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upsserviceshelp.com","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Tue, 22 Aug 2023 00:00:00 GMT","end":"Mon, 20 Nov 2023 23:59:59 GMT"},"fingerprint":{"sha1":"76:AC:B2:B5:5C:DE:F1:11:75:7A:61:25:C7:36:6C:9F:B1:84:4F:77","sha256":"41:7E:9E:8F:07:1C:8D:7D:3F:A3:B8:E8:8B:CB:BF:58:4A:0E:A3:AC:ED:EA:9A:DB:BD:F4:BF:09:58:44:7A:42"}}},"request":{"raw":"GET /index.php HTTP/1.1\r\nHost: upsserviceshelp.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=50d9e5b075d9c9aae26a72da273e05ee\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Wed, 23 Aug 2023 17:45:54 GMT\r\nServer: Apache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nLocation: 63866ab0c746057e94fc55c2d2b938e6?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e\r\nContent-Length: 2\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text","md5":"d784fa8b6d98d27699781bd9a7cf19f0","sha1":"dd122581c8cd44d0227f9c305581ffcb4b6f1b46","sha256":"e16f1596201850fd4a63680b27f603cb64e67176159be3d8ed78a4403fdb1700","sha512":"f8aca02e28996a586f535eed5de9f4533b8b2910762f524459f6fae6fb3f8f7540db5f2c809c1c07167a95b33f6f3f85589af99182e2d2bf93f964de169dd4c0","ssdeep":"","tlshash":"c710000000000000000000300000000000000000000000000000003000000000000000","first_seen":"2023-03-07T01:32:15Z","last_seen":"2026-05-11T13:55:44.658179Z","times_seen":2477,"resource_available":true,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"ip":{"addr":"155.138.163.158","port":443,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-08-23T17:45:46.992Z","timestamp":1692812746992,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upsserviceshelp.com","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Tue, 22 Aug 2023 00:00:00 GMT","end":"Mon, 20 Nov 2023 23:59:59 GMT"},"fingerprint":{"sha1":"76:AC:B2:B5:5C:DE:F1:11:75:7A:61:25:C7:36:6C:9F:B1:84:4F:77","sha256":"41:7E:9E:8F:07:1C:8D:7D:3F:A3:B8:E8:8B:CB:BF:58:4A:0E:A3:AC:ED:EA:9A:DB:BD:F4:BF:09:58:44:7A:42"}}},"request":{"raw":"GET /63866ab0c746057e94fc55c2d2b938e6?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e HTTP/1.1\r\nHost: upsserviceshelp.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=50d9e5b075d9c9aae26a72da273e05ee\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Wed, 23 Aug 2023 17:45:55 GMT\r\nServer: Apache\r\nLocation: https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e\r\nContent-Length: 404\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":404,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"a8f28e83bf1b220f19168b9bafe76548","sha1":"614847290ed09e6d6faab6d0179f05b34414ab0a","sha256":"4101f9233ef3a93ecf897ec0662c63739932db13fdddbccf8735737e2bfa63af","sha512":"7fcfe9749674bec076154764e76ff794180560c98318339da642a00db998402a01fb5aa3ea59fd00ca4fa8dbc081cc468d87d4a6481828b5767892236f874f80","ssdeep":"","tlshash":"bee0f1e9b3b220e01a633f40b8933475642a18355591179d1dfa6984e53bc75c4de0dc","first_seen":"2023-08-23T19:46:12Z","last_seen":"2023-08-23T19:46:12Z","times_seen":1,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-08-23T17:45:47.721924171Z","timestamp":1692812747721,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 23 Aug 2023 17:45:55 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"74eed3f5ba40ed8254fd560147072a3c","sha1":"7e8836b3b7b3bdd43fc16c13f520912d9588901f","sha256":"6c961d618eadd1e94ff53dd884d9c65078a8c7116c02a567c3b24d6ca81ad271","sha512":"2ac414c44026028de3d740be9d6726090e89dbe43eb548f15ac2a5128b31c51f7cafbb6e53b2f8cd03de4cd09419f7dab3861dd965c2a78bad5c76b39a9edd6f","ssdeep":"","tlshash":"25f054151c749911d21bdb3522eec506ae807c0c181c03c324ec96c0c3863ebf115551","first_seen":"2023-08-22T16:39:08Z","last_seen":"2023-08-23T22:21:59Z","times_seen":969,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-08-23T17:45:47.723604991Z","timestamp":1692812747723,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 23 Aug 2023 17:45:55 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"74eed3f5ba40ed8254fd560147072a3c","sha1":"7e8836b3b7b3bdd43fc16c13f520912d9588901f","sha256":"6c961d618eadd1e94ff53dd884d9c65078a8c7116c02a567c3b24d6ca81ad271","sha512":"2ac414c44026028de3d740be9d6726090e89dbe43eb548f15ac2a5128b31c51f7cafbb6e53b2f8cd03de4cd09419f7dab3861dd965c2a78bad5c76b39a9edd6f","ssdeep":"","tlshash":"25f054151c749911d21bdb3522eec506ae807c0c181c03c324ec96c0c3863ebf115551","first_seen":"2023-08-22T16:39:08Z","last_seen":"2023-08-23T22:21:59Z","times_seen":969,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/util.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","date":"2023-08-23T17:45:47.670Z","timestamp":1692812747670,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 31 Jul 2023 08:22:19 GMT","end":"Mon, 23 Oct 2023 08:22:18 GMT"},"fingerprint":{"sha1":"2A:06:F9:5A:FD:FC:89:5C:D7:C5:CC:38:F0:25:78:FB:15:9F:5A:67","sha256":"B5:6E:61:9A:99:BF:5A:AB:FB:51:B3:9E:2C:B4:09:09:0F:85:51:48:71:37:BA:3A:7B:5C:71:53:34:80:97:58"}}},"request":{"raw":"GET /maps-api-v3/api/js/38/11/intl/nl_ALL/util.js HTTP/1.1\r\nHost: maps.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsserviceshelp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"maps-api-js\"\r\nreport-to: {\"group\":\"maps-api-js\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/maps-api-js\"}]}\r\ncontent-length: 53998\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 23 Aug 2023 00:38:25 GMT\r\nexpires: Thu, 22 Aug 2024 00:38:25 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 04 Nov 2019 22:32:04 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding, Origin\r\nage: 61650\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":53998,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (3412)","md5":"16b73dc0de9683fb153b38cf6b5a6e6d","sha1":"22261377b57577dcd8046a8970ef5c80aefdf5dc","sha256":"d9f2fabff1b5fdcf2833cdcca025f1ec73c4889c41410e8a018cb1a84bb6ac79","sha512":"1a7e0c0b5f44faf69fe8368b24ae68b95d0839a285785cf7b5a805837425da75e2b89e2f3d50624cc6eca540dde0bea983bed5c29581d2c3f1e11d74502bdf05","ssdeep":"3072:lfTnZQ5U/ay5v5b681Czm83dsFkP3T+jq:lfaMayV5b68EfNskP3T+jq","tlshash":"43e32aa8724270a98277f5f6053f104aa53e985af8054c7cb288d9e1ddf8c9d11bbf78","first_seen":"2023-03-07T13:02:45Z","last_seen":"2026-02-12T07:32:12.522809Z","times_seen":53,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":53,"dns":0,"connect":11,"send":0,"wait":8,"receive":12,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/38/11/intl/nl_ALL/common.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","date":"2023-08-23T17:45:47.668Z","timestamp":1692812747668,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 31 Jul 2023 08:22:19 GMT","end":"Mon, 23 Oct 2023 08:22:18 GMT"},"fingerprint":{"sha1":"2A:06:F9:5A:FD:FC:89:5C:D7:C5:CC:38:F0:25:78:FB:15:9F:5A:67","sha256":"B5:6E:61:9A:99:BF:5A:AB:FB:51:B3:9E:2C:B4:09:09:0F:85:51:48:71:37:BA:3A:7B:5C:71:53:34:80:97:58"}}},"request":{"raw":"GET /maps-api-v3/api/js/38/11/intl/nl_ALL/common.js HTTP/1.1\r\nHost: maps.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsserviceshelp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"maps-api-js\"\r\nreport-to: {\"group\":\"maps-api-js\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/maps-api-js\"}]}\r\ncontent-length: 28568\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 23 Aug 2023 00:38:25 GMT\r\nexpires: Thu, 22 Aug 2024 00:38:25 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 04 Nov 2019 22:32:04 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding, Origin\r\nage: 61650\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28568,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (1601)","md5":"2005cff13e09393e76f625c7c3e6d0b7","sha1":"47d240c168d611f38c102cf2b6320ea582e69e46","sha256":"50c76b6340f567a536017cdf52bef65fdbbec4d637253e823543059ac68c2fd1","sha512":"b7122caa3f4501f20c507addf63dc80c49f42dc7f3e28180db2a495d8b931ee2acd55517cd7a856402e2330975070a16c5cc49b5e36e1e5b57d58f6d31db5032","ssdeep":"1536:Nj2K0IVivAXiR1TtgigxMPZe0N+A//hMOhWv5iZqkQzV39NEkle8h:DVGAXmWiwo+A//hMOh85QqkQl9N95h","tlshash":"2273c59d725275a69317f0b9123f000ab13a64adf4484dacb24cd9e29ef585d02bbf7c","first_seen":"2023-03-07T13:02:45Z","last_seen":"2026-02-12T07:32:12.530746Z","times_seen":53,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":57,"dns":1,"connect":7,"send":0,"wait":17,"receive":2,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-08-23T17:45:47.844106398Z","timestamp":1692812747844,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Wed, 23 Aug 2023 17:45:55 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"74eed3f5ba40ed8254fd560147072a3c","sha1":"7e8836b3b7b3bdd43fc16c13f520912d9588901f","sha256":"6c961d618eadd1e94ff53dd884d9c65078a8c7116c02a567c3b24d6ca81ad271","sha512":"2ac414c44026028de3d740be9d6726090e89dbe43eb548f15ac2a5128b31c51f7cafbb6e53b2f8cd03de4cd09419f7dab3861dd965c2a78bad5c76b39a9edd6f","ssdeep":"","tlshash":"25f054151c749911d21bdb3522eec506ae807c0c181c03c324ec96c0c3863ebf115551","first_seen":"2023-08-22T16:39:08Z","last_seen":"2023-08-23T22:21:59Z","times_seen":969,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upsserviceshelp.com/content/marktplaats/client.min.css","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"ip":{"addr":"155.138.163.158","port":443,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","date":"2023-08-23T17:45:47.666Z","timestamp":1692812747666,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upsserviceshelp.com","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Tue, 22 Aug 2023 00:00:00 GMT","end":"Mon, 20 Nov 2023 23:59:59 GMT"},"fingerprint":{"sha1":"76:AC:B2:B5:5C:DE:F1:11:75:7A:61:25:C7:36:6C:9F:B1:84:4F:77","sha256":"41:7E:9E:8F:07:1C:8D:7D:3F:A3:B8:E8:8B:CB:BF:58:4A:0E:A3:AC:ED:EA:9A:DB:BD:F4:BF:09:58:44:7A:42"}}},"request":{"raw":"GET /content/marktplaats/client.min.css HTTP/1.1\r\nHost: upsserviceshelp.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e\r\nCookie: PHPSESSID=50d9e5b075d9c9aae26a72da273e05ee\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 23 Aug 2023 17:45:55 GMT\r\nServer: Apache\r\nContent-Length: 315\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-05-13T02:03:10.451945Z","times_seen":145324,"resource_available":true,"data":null}},"time_used":571,"timings":{"blocked":227,"dns":0,"connect":111,"send":0,"wait":111,"receive":0,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsserviceshelp.com/content/marktplaats/normalize.112272e5.css","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"ip":{"addr":"155.138.163.158","port":443,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","date":"2023-08-23T17:45:47.667Z","timestamp":1692812747667,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upsserviceshelp.com","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Tue, 22 Aug 2023 00:00:00 GMT","end":"Mon, 20 Nov 2023 23:59:59 GMT"},"fingerprint":{"sha1":"76:AC:B2:B5:5C:DE:F1:11:75:7A:61:25:C7:36:6C:9F:B1:84:4F:77","sha256":"41:7E:9E:8F:07:1C:8D:7D:3F:A3:B8:E8:8B:CB:BF:58:4A:0E:A3:AC:ED:EA:9A:DB:BD:F4:BF:09:58:44:7A:42"}}},"request":{"raw":"GET /content/marktplaats/normalize.112272e5.css HTTP/1.1\r\nHost: upsserviceshelp.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e\r\nCookie: PHPSESSID=50d9e5b075d9c9aae26a72da273e05ee\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 23 Aug 2023 17:45:55 GMT\r\nServer: Apache\r\nContent-Length: 315\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-05-13T02:03:10.451945Z","times_seen":145324,"resource_available":true,"data":null}},"time_used":574,"timings":{"blocked":228,"dns":0,"connect":113,"send":0,"wait":111,"receive":0,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"ocsp.sectigo.com/","fqdn":"ocsp.sectigo.com","domain":"sectigo.com","tld":"com"},"ip":{"addr":"104.18.15.101","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-08-23T17:45:48.084515746Z","timestamp":1692812748084,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.sectigo.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 23 Aug 2023 17:45:56 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 472\r\nConnection: keep-alive\r\nLast-Modified: Wed, 23 Aug 2023 17:19:07 GMT\r\nExpires: Wed, 30 Aug 2023 17:19:06 GMT\r\nEtag: \"6ca37e758ddb48d350593c6d99def0449eb37d81\"\r\nCache-Control: max-age=602589,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb1\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: DYNAMIC\r\nServer: cloudflare\r\nCF-RAY: 7fb52c0cec9c1c0e-OSL\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"aa5f949391cbd0103aab149dcc02b2bf","sha1":"6ca37e758ddb48d350593c6d99def0449eb37d81","sha256":"545d37d6024556cabb54c1b41dc7bedf3c4971384e891915fcf3e9db7988804c","sha512":"9d27c2bd67485dba835ef1b52a21198d5e0d3e8da39df76a0b7bb9e611ce1a1fad38ccb7ee4057b2d34e4004c5e4a37d70b02dcd0dde0423a9c94786a179d06d","ssdeep":"","tlshash":"2df0dc91a7a47b922e49fb0815fa4abf78c2f1c928b0086b332c10c88a921fd512d918","first_seen":"2023-08-23T19:45:22Z","last_seen":"2023-08-23T20:36:34Z","times_seen":5,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"ip":{"addr":"155.138.163.158","port":0,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-08-23T17:45:48.134981272Z","timestamp":1692812748134,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e HTTP/1.1\r\nHost: upsserviceshelp.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=50d9e5b075d9c9aae26a72da273e05ee\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 23 Aug 2023 17:45:55 GMT\r\nServer: Apache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":11960,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- assembler source, Unicode text, UTF-8 text, with very long lines (420)","md5":"bac3e4ccc8b211433aaf19174206e3de","sha1":"f0f109974998fcb8003777cd5c2ea86b5b4b471d","sha256":"af5a8aeb19d77ba6f428bfbc55c5957eeaa41c24e59adeec8d6480a084b1e09f","sha512":"a422dcb9126dbece57af99ab88afb490d265e8b843238e3d2c3efd83a49a60f6c7926ba26dd92ab4aa488688b2f485eee61aa1ae3796250ebad5ccf7324f8772","ssdeep":"96:GquG1GJoC1VW6tdSIDEepFZoC4kmy1WfD4h9HD17jhhQY1ABfRnhTIyW8P8PetxG:GjU67S+EeoMKD4h/NhQCyjG80V","tlshash":"3732989384f54c7a026259b53eebba4e9f605457c50a1e8074ac33c82fd7e51cd8336e","first_seen":"2023-08-23T19:46:12Z","last_seen":"2023-08-23T19:46:12Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"devilsms.live/css/usps/main.css","fqdn":"devilsms.live","domain":"devilsms.live","tld":"live"},"ip":{"addr":"199.188.200.254","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-08-23T17:45:48.641551375Z","timestamp":1692812748641,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /css/usps/main.css HTTP/1.1\r\nHost: devilsms.live\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsserviceshelp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 30 Aug 2023 17:45:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 20 Oct 2021 03:52:19 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 30024\r\ndate: Wed, 23 Aug 2023 17:45:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":30024,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"assembler source, ASCII text, with very long lines (348), with CRLF line terminators","md5":"36277e4fba035d5002b28b28b3656109","sha1":"244ec24c6b302f36a3a174fc3bf225c3b906603b","sha256":"877c9ecef0ce6e991b965a744c396fb8f8f3968aefa053c966b1a8e806d77c5a","sha512":"1f0a89dffad97d31df67b66b2a79ae776ce03350de44c5c6219913010ca5e48067f8093c4d126031c9bf31289f1cdf9195daf335d8d9b2c59e72518d1e264350","ssdeep":"1536:88OAvNEBXUZ2CZUs2DUV2HOOPrT0qU+d2DPSKSg93zOMwFfIxqNM9wQSDU12Wxr:UOOPrT0sgPlPxqNMuQSY","tlshash":"8134c921d981958e72378c159bb01d44ea7c0047da821abcbf5cb7798fb7d858a62fcc","first_seen":"2023-04-12T09:17:26Z","last_seen":"2023-09-16T07:19:08Z","times_seen":26,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/images/logo-mini-sb.png","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"ip":{"addr":"155.138.163.158","port":443,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","date":"2023-08-23T17:45:47.676Z","timestamp":1692812747676,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upsserviceshelp.com","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Tue, 22 Aug 2023 00:00:00 GMT","end":"Mon, 20 Nov 2023 23:59:59 GMT"},"fingerprint":{"sha1":"76:AC:B2:B5:5C:DE:F1:11:75:7A:61:25:C7:36:6C:9F:B1:84:4F:77","sha256":"41:7E:9E:8F:07:1C:8D:7D:3F:A3:B8:E8:8B:CB:BF:58:4A:0E:A3:AC:ED:EA:9A:DB:BD:F4:BF:09:58:44:7A:42"}}},"request":{"raw":"GET /63866ab0c746057e94fc55c2d2b938e6/images/logo-mini-sb.png HTTP/1.1\r\nHost: upsserviceshelp.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e\r\nCookie: PHPSESSID=50d9e5b075d9c9aae26a72da273e05ee\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 23 Aug 2023 17:45:56 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 23 Aug 2023 17:45:54 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 23625\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23625,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 135 x 16, 8-bit/color RGBA, non-interlaced\\012- data","md5":"43707dd65a8c8ec7754b7b45fd483488","sha1":"f258a5de57dfa37baf13296da6055e8f8881d742","sha256":"585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf","sha512":"4f821dbcb766cfca452c7a1350e36231fbf82d2d62426e7309e56595813138aaec56daa0c28274a73972977e6d2026aba1ba8866cbdace5c6f5ac276e5664921","ssdeep":"","tlshash":"","first_seen":"2023-05-01T22:22:00Z","last_seen":"2025-10-30T01:12:08.805508Z","times_seen":84,"resource_available":false,"data":null}},"time_used":1114,"timings":{"blocked":938,"dns":0,"connect":0,"send":0,"wait":128,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"devilsms.live/css/usps/Marktplaats.Sprite.svg","fqdn":"devilsms.live","domain":"devilsms.live","tld":"live"},"ip":{"addr":"199.188.200.254","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-08-23T17:45:48.859676592Z","timestamp":1692812748859,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /css/usps/Marktplaats.Sprite.svg HTTP/1.1\r\nHost: devilsms.live\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://devilsms.live/css/usps/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Wed, 23 Aug 2023 17:45:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1238,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-12T23:46:55.200371Z","times_seen":40596,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"devilsms.live/css/usps/Roboto-Regular-webfont.woff2","fqdn":"devilsms.live","domain":"devilsms.live","tld":"live"},"ip":{"addr":"199.188.200.254","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","date":"2023-08-23T17:45:48.679Z","timestamp":1692812748679,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"devilsms.live","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Thu, 18 Aug 2022 00:00:00 GMT","end":"Sat, 16 Sep 2023 23:59:59 GMT"},"fingerprint":{"sha1":"72:C0:D3:B1:19:FB:CD:8A:B3:B2:6D:62:78:A9:37:61:9F:B9:AA:6C","sha256":"1C:4F:35:01:63:27:0B:C4:90:DF:FC:74:3F:CE:95:CD:34:A3:1F:11:29:AC:0B:26:23:33:27:CD:B6:9C:50:43"}}},"request":{"raw":"GET /css/usps/Roboto-Regular-webfont.woff2 HTTP/1.1\r\nHost: devilsms.live\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://upsserviceshelp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://devilsms.live/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Wed, 23 Aug 2023 17:45:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-12T23:46:55.200371Z","times_seen":40596,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"devilsms.live/css/usps/Roboto-Light-webfont.woff2","fqdn":"devilsms.live","domain":"devilsms.live","tld":"live"},"ip":{"addr":"199.188.200.254","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-08-23T17:45:48.8702552Z","timestamp":1692812748870,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /css/usps/Roboto-Light-webfont.woff2 HTTP/1.1\r\nHost: devilsms.live\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://upsserviceshelp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://devilsms.live/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Wed, 23 Aug 2023 17:45:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1238,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-12T23:46:55.200371Z","times_seen":40596,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"devilsms.live/css/usps/Roboto-Regular-webfont.woff","fqdn":"devilsms.live","domain":"devilsms.live","tld":"live"},"ip":{"addr":"199.188.200.254","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-08-23T17:45:49.05249201Z","timestamp":1692812749052,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /css/usps/Roboto-Regular-webfont.woff HTTP/1.1\r\nHost: devilsms.live\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://upsserviceshelp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://devilsms.live/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Wed, 23 Aug 2023 17:45:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1238,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-12T23:46:55.200371Z","times_seen":40596,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"devilsms.live/css/usps/Roboto-Light-webfont.woff","fqdn":"devilsms.live","domain":"devilsms.live","tld":"live"},"ip":{"addr":"199.188.200.254","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","date":"2023-08-23T17:45:48.869Z","timestamp":1692812748869,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"devilsms.live","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Thu, 18 Aug 2022 00:00:00 GMT","end":"Sat, 16 Sep 2023 23:59:59 GMT"},"fingerprint":{"sha1":"72:C0:D3:B1:19:FB:CD:8A:B3:B2:6D:62:78:A9:37:61:9F:B9:AA:6C","sha256":"1C:4F:35:01:63:27:0B:C4:90:DF:FC:74:3F:CE:95:CD:34:A3:1F:11:29:AC:0B:26:23:33:27:CD:B6:9C:50:43"}}},"request":{"raw":"GET /css/usps/Roboto-Light-webfont.woff HTTP/1.1\r\nHost: devilsms.live\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://upsserviceshelp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://devilsms.live/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Wed, 23 Aug 2023 17:45:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-12T23:46:55.200371Z","times_seen":40596,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"devilsms.live/css/usps/Roboto-Regular-webfont.ttf?v1","fqdn":"devilsms.live","domain":"devilsms.live","tld":"live"},"ip":{"addr":"199.188.200.254","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","date":"2023-08-23T17:45:49.058Z","timestamp":1692812749058,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"devilsms.live","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Thu, 18 Aug 2022 00:00:00 GMT","end":"Sat, 16 Sep 2023 23:59:59 GMT"},"fingerprint":{"sha1":"72:C0:D3:B1:19:FB:CD:8A:B3:B2:6D:62:78:A9:37:61:9F:B9:AA:6C","sha256":"1C:4F:35:01:63:27:0B:C4:90:DF:FC:74:3F:CE:95:CD:34:A3:1F:11:29:AC:0B:26:23:33:27:CD:B6:9C:50:43"}}},"request":{"raw":"GET /css/usps/Roboto-Regular-webfont.ttf?v1 HTTP/1.1\r\nHost: devilsms.live\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://upsserviceshelp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://devilsms.live/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Wed, 23 Aug 2023 17:45:57 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-12T23:46:55.200371Z","times_seen":40596,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"devilsms.live/css/usps/Roboto-Light-webfont.ttf?v1","fqdn":"devilsms.live","domain":"devilsms.live","tld":"live"},"ip":{"addr":"199.188.200.254","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","date":"2023-08-23T17:45:49.064Z","timestamp":1692812749064,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"devilsms.live","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Thu, 18 Aug 2022 00:00:00 GMT","end":"Sat, 16 Sep 2023 23:59:59 GMT"},"fingerprint":{"sha1":"72:C0:D3:B1:19:FB:CD:8A:B3:B2:6D:62:78:A9:37:61:9F:B9:AA:6C","sha256":"1C:4F:35:01:63:27:0B:C4:90:DF:FC:74:3F:CE:95:CD:34:A3:1F:11:29:AC:0B:26:23:33:27:CD:B6:9C:50:43"}}},"request":{"raw":"GET /css/usps/Roboto-Light-webfont.ttf?v1 HTTP/1.1\r\nHost: devilsms.live\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://upsserviceshelp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://devilsms.live/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1238\r\ndate: Wed, 23 Aug 2023 17:45:57 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-12T23:46:55.200371Z","times_seen":40596,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsserviceshelp.com/content/marktplaats/favicon-192x192.png","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"ip":{"addr":"155.138.163.158","port":443,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","date":"2023-08-23T17:45:49.249Z","timestamp":1692812749249,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upsserviceshelp.com","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Tue, 22 Aug 2023 00:00:00 GMT","end":"Mon, 20 Nov 2023 23:59:59 GMT"},"fingerprint":{"sha1":"76:AC:B2:B5:5C:DE:F1:11:75:7A:61:25:C7:36:6C:9F:B1:84:4F:77","sha256":"41:7E:9E:8F:07:1C:8D:7D:3F:A3:B8:E8:8B:CB:BF:58:4A:0E:A3:AC:ED:EA:9A:DB:BD:F4:BF:09:58:44:7A:42"}}},"request":{"raw":"GET /content/marktplaats/favicon-192x192.png HTTP/1.1\r\nHost: upsserviceshelp.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e\r\nCookie: PHPSESSID=50d9e5b075d9c9aae26a72da273e05ee\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 23 Aug 2023 17:45:57 GMT\r\nServer: Apache\r\nContent-Length: 315\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-05-13T02:03:10.451945Z","times_seen":145324,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"upsserviceshelp.com/content/marktplaats/favicon.ico","fqdn":"upsserviceshelp.com","domain":"upsserviceshelp.com","tld":"com"},"ip":{"addr":"155.138.163.158","port":443,"asn":20473,"as":"AS-CHOOPA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e","date":"2023-08-23T17:45:49.254Z","timestamp":1692812749254,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upsserviceshelp.com","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Tue, 22 Aug 2023 00:00:00 GMT","end":"Mon, 20 Nov 2023 23:59:59 GMT"},"fingerprint":{"sha1":"76:AC:B2:B5:5C:DE:F1:11:75:7A:61:25:C7:36:6C:9F:B1:84:4F:77","sha256":"41:7E:9E:8F:07:1C:8D:7D:3F:A3:B8:E8:8B:CB:BF:58:4A:0E:A3:AC:ED:EA:9A:DB:BD:F4:BF:09:58:44:7A:42"}}},"request":{"raw":"GET /content/marktplaats/favicon.ico HTTP/1.1\r\nHost: upsserviceshelp.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://upsserviceshelp.com/63866ab0c746057e94fc55c2d2b938e6/?token=f9df725b441ebb9dc8478bfe43c702b2a2f834400454605e06ad7470b7e521c7038553396b0be0420ffec4e8ba702cc234cf6b8302d2f6215b035d1eee266f4e\r\nCookie: PHPSESSID=50d9e5b075d9c9aae26a72da273e05ee\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 23 Aug 2023 17:45:57 GMT\r\nServer: Apache\r\nContent-Length: 315\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-05-13T02:03:10.451945Z","times_seen":145324,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - US Postal Service","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with US Postal Service phishing","tags":["usps","logistics","phishing"],"meta":null}]}}]}