Report - uspsexpressways.com/

Report Overview

Submitted URL
uspsexpressways.com/
IP
31.22.4.94
ASN
#34119 Wildcard UK Limited
Submitted
2022-12-04 13:35:07
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - US Postal Service

Detections

urlquery
123
Network Intrusion Detection
0
Threat Detection Systems
204

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fast.fonts.net	2905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	642 B	2.2 kB	104.17.225.78
www.usps.com	11794	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	101 kB	192.229.221.165
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.34.4.233
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
uspsexpressways.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	22 kB	1.5 MB	31.22.4.94
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	47 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service
2022-12-04	medium	uspsexpressways.com/	United States Postal Service

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	uspsexpressways.com/	Phishing
2022-12-04	medium	uspsexpressways.com/global-elements/lib/script/modernizr/modernizr.js	Phishing
2022-12-04	medium	uspsexpressways.com/global-elements/header/script/megamenu.js	Phishing
2022-12-04	medium	uspsexpressways.com/ContentTemplates/common/scripts/OneLinkUsps.js	Phishing
2022-12-04	medium	uspsexpressways.com/global-elements/header/script/ge-login.js	Phishing
2022-12-04	medium	uspsexpressways.com/global-elements/lib/script/requirejs/require.js	Phishing
2022-12-04	medium	uspsexpressways.com/global-elements/header/script/header-init-search.js	Phishing
2022-12-04	medium	uspsexpressways.com/assets/script/home/megamenu-additions.js	Phishing
2022-12-04	medium	uspsexpressways.com/global-elements/footer/script/jquery-3.2.1.js	Phishing
2022-12-04	medium	uspsexpressways.com/assets/script/welcome/popper.min.js	Phishing
2022-12-04	medium	uspsexpressways.com/assets/script/welcome/welcome.js	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/search.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/script/welcome/bootstrap.js	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/logo_mobile.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/tracking.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/script/welcome/jquery.min.js	Phishing
2022-12-04	medium	uspsexpressways.com/global-elements/header/images/utility-header/logo-sb.svg	Phishing
2022-12-04	medium	uspsexpressways.com/global-elements/header/images/utility-header/mailman.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/location.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/stamps.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/schedule_pickup.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/calculate_price.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/find_zip.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/change_address.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/holdmail.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/featured_clicknship.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/po_box.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/free_boxes.svg	Phishing
2022-12-04	medium	uspsexpressways.com/global-elements/header/images/schedule-redelivery.svg	Phishing
2022-12-04	medium	uspsexpressways.com/global-elements/header/images/package-intercept.svg	Phishing
2022-12-04	medium	uspsexpressways.com/global-elements/header/images/icon-personalize-stamped-envelopes.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff	Phishing
2022-12-04	medium	uspsexpressways.com/www.googletagmanager.com/gtm5445.html?id=GTM-MVCC8H	Phishing
2022-12-04	medium	uspsexpressways.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff	Phishing
2022-12-04	medium	uspsexpressways.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff	Phishing
2022-12-04	medium	uspsexpressways.com/component-guide/blue-caret.svg	Phishing
2022-12-04	medium	uspsexpressways.com/assets/images/home/hamburger.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	uspsexpressways.com/	341 B	2023-03-07	2023-11-20
Pretty URL uspsexpressways.com/ IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:01:08 Last Seen2023-11-20 15:55:54 Times Seen35 Hash c8ec26c12021caf7e397537cd9b582bd 7e460a0707f06342f62e65946cf75900c211cf7f 1657601a0f4e2d17776961caf2c72da224ca0f0e1abd68546cb1a293821e8335 Loading...

	uspsexpressways.com/assets/script/welcome/welcome.js	1.1 kB	2023-03-07	2024-04-18
Pretty URL uspsexpressways.com/assets/script/welcome/welcome.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:46 Last Seen2024-04-18 06:14:36 Times Seen1238 Hash 5c56be7d9529952b52d9733b1a01ad61 ce49bf25ba12ff232e372e284f4776e3e7afda5f f823628595e886f2e279e5a40621d6bdb2c47512a8b29f4556ed450018b7c7da Loading...

	fast.fonts.net/t/trackingCode.js	650 B	2023-03-07	2024-04-23
Pretty URL fast.fonts.net/t/trackingCode.js IP 104.17.225.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:52 Last Seen2024-04-23 19:44:46 Times Seen2009 Hash 32dd789522cc6923c80141fcf5d3a614 366b7e3fd63176e559d8b8c5f59be6fd3388cf5a 5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960 Loading...

	www.usps.com/global-elements/header/script/search-fe.js	2.3 kB	2023-03-07	2024-04-24
Pretty URL www.usps.com/global-elements/header/script/search-fe.js IP 192.229.221.165 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 19:32:57 Times Seen8162 Hash f7f70265f5cf47386622e433317412cb e1b28284e51c848685c7ea6d19ff551284c58e8a 766a3dfb7dab82af4fae555132f7fdbacb7d167f17015fbb23c9591daaaf698b Loading...

	uspsexpressways.com/global-elements/lib/script/modernizr/modernizr.js	11 kB	2023-03-07	2023-11-20
Pretty URL uspsexpressways.com/global-elements/lib/script/modernizr/modernizr.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:01:08 Last Seen2023-11-20 15:55:55 Times Seen51 Hash ab040a4dfdf3bf194ec2ec78a5059f29 b5854a3218ebadc1b93bcbc79443be0c7ff68517 f2631010fab9d2c0fabbef7e6262163d0f63a13e1f9b57fd6d706bb2717c2c96 Loading...

	uspsexpressways.com/global-elements/header/script/ge-login.js	9.3 kB	2023-03-07	2023-11-20
Pretty URL uspsexpressways.com/global-elements/header/script/ge-login.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:01:08 Last Seen2023-11-20 15:55:54 Times Seen42 Hash 8f89e3263d3b308e7ff03301213b3707 ea2e81693427e83a96b5f0f494e7e42b19dbefc2 4ca4c52e4ee463970866766a208e4509bb3d65e1d52e4894595bb473ed960d51 Loading...

	uspsexpressways.com/assets/script/welcome/bootstrap.js	58 kB	2023-03-07	2024-04-19
Pretty URL uspsexpressways.com/assets/script/welcome/bootstrap.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:57 Last Seen2024-04-19 22:28:42 Times Seen3292 Hash 0a958254db529f99f475080fe2a6dcdb eebc17246f2beda813dd3372593cc54a152f9cb4 3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158 Loading...

	uspsexpressways.com/	22 B	2023-03-07	2023-11-20
Pretty URL uspsexpressways.com/ IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:01:08 Last Seen2023-11-20 15:55:54 Times Seen34 Hash 62da62c57f48ac96f19dc57eeb7ee90e 0a1df8f1a441154ac55ea1b6474359086680704f eef1c0dcff62df4ec9bba97bf83aee4cdac29317cefb10b57772c91030532f3e Loading...

	www.usps.com/global-elements/lib/script/require-jquery.js	74 B	2023-03-07	2024-04-24
Pretty URL www.usps.com/global-elements/lib/script/require-jquery.js IP 192.229.221.165 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 19:32:57 Times Seen9157 Hash ea38e8196b75d9720bc3902d6d735130 165284464c58d7f213c1211f2c433873299e4527 cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9 Loading...

	uspsexpressways.com/global-elements/header/script/megamenu.js	14 kB	2023-03-07	2023-11-20
Pretty URL uspsexpressways.com/global-elements/header/script/megamenu.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:01:08 Last Seen2023-11-20 15:55:54 Times Seen52 Hash e1e1dcf90eff6c0caa189eb6566c1bba 0f7e3bed0cfbb3f8ed01d6a2ddb2569727189cf3 9cac4658f10caa638eaeca59dd0a73f114265787c5ea8fdc8288d1018dbc817b Loading...

	uspsexpressways.com/	22 B	2023-03-07	2024-04-18
Pretty URL uspsexpressways.com/ IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:02 Last Seen2024-04-18 06:14:32 Times Seen687 Hash 602d65d7b771be8a7ec5dd50d2b9a026 3e43b44d56a5c6f7ba02cb1c0bf57342c59973c8 cc61439ba82cd768a848e159f6f79bd6521ce223ecf7282b5ab1797bdc22c779 Loading...

	uspsexpressways.com/global-elements/lib/script/requirejs/require.js	18 kB	2023-03-07	2023-11-20
Pretty URL uspsexpressways.com/global-elements/lib/script/requirejs/require.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:01:08 Last Seen2023-11-20 15:55:54 Times Seen57 Hash 28e065e7204c6b97d80d566acea31b84 465d438375f2bee56f2b19c6230f3144a11b4ccd 712ef037baa484e2df9918349f2db853e1ae883ca684d84d67b5308cd44470d2 Loading...

	uspsexpressways.com/	41 B	2023-03-07	2023-11-20
Pretty URL uspsexpressways.com/ IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:33:14 Last Seen2023-11-20 15:55:54 Times Seen24 Hash 6e5fe4f2b453978601a21b7b841ef54b 4869fa74f0f669506b107ca57215c968fe64e05a 026f1d23399c32d8cdee2d07e600ec63a78f4ee2b310339e0586961f77715c92 Loading...

	uspsexpressways.com/global-elements/header/script/header-init-search.js	893 B	2023-03-07	2023-11-20
Pretty URL uspsexpressways.com/global-elements/header/script/header-init-search.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:01:08 Last Seen2023-11-20 15:55:54 Times Seen41 Hash 095c21f0d1bddff45d6810d19f79b498 be336eccd49afc1c505448958f242223c4219c67 1ff0fa5a063dcd03b7d50910ca7ee8717cf1a879086340b9d978e6225cb9d423 Loading...

	uspsexpressways.com/assets/script/home/megamenu-additions.js	1.3 kB	2023-03-07	2024-04-24
Pretty URL uspsexpressways.com/assets/script/home/megamenu-additions.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 19:32:56 Times Seen6053 Hash 847cc8bd91110ff714275c5a29fbd404 cff690cc070f9539cc1c325ed150b819018e8df7 a33554bd04b3364c1e47b719799ae0df426bb17f9c8ec422bb346227534ebdbd Loading...

	uspsexpressways.com/	438 B	2023-03-07	2024-04-18
Pretty URL uspsexpressways.com/ IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:46 Last Seen2024-04-18 06:14:33 Times Seen762 Hash 3b88e93f1337e4825d99445a8f950d26 c3a507e6a822dda291cfeba9c386e55bd0ebb2e5 5c7242c420b339d1704ad3337e82cc08b9c95c5dc4152ce81abb27ab0590a1f4 Loading...

	www.usps.com/global-elements/lib/script/helpers.js	695 B	2023-03-07	2024-04-24
Pretty URL www.usps.com/global-elements/lib/script/helpers.js IP 192.229.221.165 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 19:32:57 Times Seen9132 Hash 5372347b4f98f60b33579180ef6a3567 02064f1641c40b35c14a0da9ee310de54ff76cd5 7fa317b049ed33139394313aba29f27b7f11a226270bf10ce1c26d674c0177e4 Loading...

	uspsexpressways.com/	41 B	2023-03-07	2024-04-25
Pretty URL uspsexpressways.com/ IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:03 Last Seen2024-04-25 00:56:07 Times Seen7145 Hash 2ec370ca0eaf3069dce13df24243d863 64c1919bbb18a6d851d1b7772f830320b8ab5cc1 6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064 Loading...

	www.usps.com/global-elements/lib/script/jquery/dist/jquery.min.js	96 kB	2023-03-07	2024-04-24
Pretty URL www.usps.com/global-elements/lib/script/jquery/dist/jquery.min.js IP 192.229.221.165 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 19:13:26 Times Seen2759 Hash fb6ce399e3e05c48005737e8ae94437d 4de67539c3047e728710d5958a7730fc04f2f9d2 61419a9c82b9f4894a9fa8f92684630ab3f85ec69202567bdac82c5cf11148b9 Loading...

	uspsexpressways.com/global-elements/footer/script/jquery-3.2.1.js	87 kB	2023-03-07	2024-04-25
Pretty URL uspsexpressways.com/global-elements/footer/script/jquery-3.2.1.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 03:12:12 Times Seen62227 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	uspsexpressways.com/assets/script/welcome/jquery.min.js	88 kB	2023-03-07	2024-04-24
Pretty URL uspsexpressways.com/assets/script/welcome/jquery.min.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2024-04-24 17:48:40 Times Seen8453 Hash 2f772fed444d5489079f275bd01e26cc a8927ac2830b2fdd4a729eb0eb7f80923539ceb9 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a Loading...

	uspsexpressways.com/assets/script/welcome/popper.min.js	19 kB	2023-03-07	2024-04-18
Pretty URL uspsexpressways.com/assets/script/welcome/popper.min.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:40 Last Seen2024-04-18 08:06:09 Times Seen1333 Hash b18556921e79d50bc26a3f42f33f1c16 fba9ab5f86f2b90933fc6a735de391e619fa1752 282539cf8196a5e940746f43f640e02c16b6af711cf2486d8e08ffcd39e7f9b8 Loading...

	uspsexpressways.com/ContentTemplates/common/scripts/OneLinkUsps.js	3.6 kB	2023-03-07	2024-04-24
Pretty URL uspsexpressways.com/ContentTemplates/common/scripts/OneLinkUsps.js IP 31.22.4.94 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 19:32:56 Times Seen6073 Hash b60628830a1d34363f98c9443b856555 ba386fdd91d2db7fb6749982caa78bef59028077 68482663e769a15815d142d88f7a4d8105c02fe2bd37a9899a019b518f17a2b3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 591472b2388f139ba72263a46ff3d619	381 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:18:52 Last Seen2024-04-23 19:44:47 Times Seen1863 Hash 591472b2388f139ba72263a46ff3d619 51af3d9df4a627071d03481542efe344da6c969f 534cebb2ad439f5a67eef8084ce23509bb3bb872ea8cab7a41ebe1cbb7a95a2d Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (110)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15228
Expires: Sun, 04 Dec 2022 17:48:43 GMT
Date: Sun, 04 Dec 2022 13:34:55 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2597
Cache-Control: max-age=164379
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:34:55 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:14:34 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 13:20:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 888
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6230
Expires: Sun, 04 Dec 2022 15:18:46 GMT
Date: Sun, 04 Dec 2022 13:34:56 GMT
Connection: keep-alive

uspsexpressways.com/

31.22.4.94

200 OK

24 kB

URL HTTP/1.1
uspsexpressways.com/
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1242), with CRLF, CR line terminators
Size
24 kB (23688 bytes)
Hash
32a741bb8c80de0ae276398ac8414dc5
e445262b9db7267eeb74f6397ca5657d85c2e329
cbeaa3495e87e12b4ad6323f763694f8baf2e2fe47d9e4a3a7513fece2504ee2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 23 Mar 2020 03:43:52 GMT
Cache-Control: max-age=500, public, proxy-revalidate
Expires: Sun, 04 Dec 2022 13:43:15 GMT
Content-Encoding: gzip

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: d1tpmz5mM5kcbyhPkedOb6iAftYT7qHZc4v4FgnehQ8WHJ7P9f0XbZ5rpTdYCTOGywp7j4hQSM4=
x-amz-request-id: 04GM60Q5MWRT3ZAC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 12:46:59 GMT
age: 2877
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:34:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

uspsexpressways.com/global-elements/header/css/megamenu-v2.css

31.22.4.94

200 OK

8.4 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/header/css/megamenu-v2.css
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with very long lines (44713), with no line terminators
Size
8.4 kB (8372 bytes)
Hash
e7fa58b7949988b4087201464b4f7361
2cfaeb636494ab81486a8e812822a6bbbd6a44cf
3d81ca2d8ced8688ebd565dfaf86c515166d2df9318e282e4f12d92baf6ad8d4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /global-elements/header/css/megamenu-v2.css HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 10 Sep 2019 01:43:42 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/lib/script/modernizr/modernizr.js

31.22.4.94

200 OK

4.9 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/lib/script/modernizr/modernizr.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
HTML document, ASCII text, with very long lines (11085)
Size
4.9 kB (4912 bytes)
Hash
ede7bdbc2b2966b766fef041ce7c8a76
dbfccf059745cfbe220437b1bb704051812f0f67
154febe846afcf9e2a7fb875e8b677f1123158c3ccf82f83976f2278f8df39b1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/lib/script/modernizr/modernizr.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 15 Oct 2014 08:50:20 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/header/script/megamenu.js

31.22.4.94

200 OK

3.4 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/header/script/megamenu.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with very long lines (3410), with CRLF line terminators
Size
3.4 kB (3390 bytes)
Hash
10506783c1af8971eba719db082cdea4
43d99a8c5ea10dc5cc2a3882960856679a420523
c6c3f1bd8fc6e2552de95b25845c4000ed0b9f85285641a1fcae6f6dd3d3a0f6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/script/megamenu.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Nov 2018 03:01:30 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/css/welcome/bootstrap.css

31.22.4.94

200 OK

28 kB

URL HTTP/1.1
uspsexpressways.com/assets/css/welcome/bootstrap.css
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with very long lines (65319), with CRLF line terminators
Size
28 kB (28149 bytes)
Hash
c442a0881958749aeda6d0e9d8b4738c
4f540c50f15c1d43219a83d74cb306423ce9da65
073a2909660c2bc85621eefcb3173b57ebc0fdb47c6ea73fa521d925af55f06a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/css/welcome/bootstrap.css HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 02 Aug 2019 00:33:50 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/ContentTemplates/common/scripts/OneLinkUsps.js

31.22.4.94

200 OK

1.1 kB

URL HTTP/1.1
uspsexpressways.com/ContentTemplates/common/scripts/OneLinkUsps.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1130 bytes)
Hash
df5f81d888a8c3748142af1c5cbe989c
6840c8a6beffdde9351cba94eeab4b38846fda1d
ee944bb1512b3d3ec607d4d724a83242d2cb9a71011c94f652c436f982d55cf5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /ContentTemplates/common/scripts/OneLinkUsps.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 26 Apr 2019 03:01:34 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/header/script/ge-login.js

31.22.4.94

200 OK

2.8 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/header/script/ge-login.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with CRLF line terminators
Size
2.8 kB (2840 bytes)
Hash
9f065e71243d85d2a50afd89889e7249
09b1629322caa9220f4995a1ab559a3a24a6a42c
05ccba59a4c52d4abdc77635ecf0efadf4281ffa590ce1fcfc3e112767125590

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/script/ge-login.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 05 Feb 2019 03:48:02 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/lib/script/requirejs/require.js

31.22.4.94

200 OK

7.1 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/lib/script/requirejs/require.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with very long lines (17300)
Size
7.1 kB (7103 bytes)
Hash
e6e51c6592a4e45ea082e17b08d40c9a
f08516ee7c0383f316c96ebd199fab550a6607fb
2f66c964b37f85e50179d35d68b2b31b3840f0b78ef4dbc45646deadf76f327e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/lib/script/requirejs/require.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 16 Oct 2014 06:41:00 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/header/script/header-init-search.js

31.22.4.94

200 OK

341 B

URL HTTP/1.1
uspsexpressways.com/global-elements/header/script/header-init-search.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text
Size
341 B (341 bytes)
Hash
1da74bf88d3510e7a363e7f080827e08
8a5e40d5e65861415404a8beeb320bc70000b1fe
508e892e1d2bb69fbfc63ca0ea8719754c2ef530a152469aef9ec9a257b1d517

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/script/header-init-search.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 12 Apr 2016 23:20:30 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/script/home/megamenu-additions.js

31.22.4.94

200 OK

547 B

URL HTTP/1.1
uspsexpressways.com/assets/script/home/megamenu-additions.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with CRLF line terminators
Size
547 B (547 bytes)
Hash
07d8a52baab925c4670d057c8ad91563
a409cd2d3e9df3a6edaf956ab11f88ab1f5b7666
42f57d33fc015c56a1afaaed3eda0cec049e8a65aa73ac73de6a7e574a30336f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/script/home/megamenu-additions.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 06 Sep 2019 03:37:52 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/footer/css/main-sb.css

31.22.4.94

200 OK

2.9 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/footer/css/main-sb.css
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with very long lines (8474)
Size
2.9 kB (2920 bytes)
Hash
0d92a399a07ebe33876aecdb8f21da53
f0012f665e7c819b14b7c44ff0da4e9e2b98a628
66540d128f195a21b0c10a527e285801e7128b01df9a055876a76ab416dbff38

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /global-elements/footer/css/main-sb.css HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Oct 2015 02:19:42 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/css/welcome/welcome-styles.css

31.22.4.94

200 OK

6.5 kB

URL HTTP/1.1
uspsexpressways.com/assets/css/welcome/welcome-styles.css
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with CRLF line terminators
Size
6.5 kB (6516 bytes)
Hash
5378b607c4cff535a43de806ea8fd91c
2e42ea94c37faa751ee04503230dd8067249c009
d99f8d8764b9357bfa6f7686b364bce46b568b3c3a054a839a3c5b6fc4161312

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/css/welcome/welcome-styles.css HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 20 Nov 2019 04:34:04 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/footer/script/jquery-3.2.1.js

31.22.4.94

200 OK

34 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/footer/script/jquery-3.2.1.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with very long lines (32058)
Size
34 kB (33807 bytes)
Hash
e9f463ed1f7cffe7e9c20a98e115d905
020f9fb6052f16de5691a5025ffc0527460a9fb1
bd967a8e44f406fa79d6bf394b242a67eb8c558ef6cae76ea459de828d6b8fe3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/footer/script/jquery-3.2.1.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 15 Nov 2017 06:43:52 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/footer/css/footer-sb.css

31.22.4.94

200 OK

1.0 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/footer/css/footer-sb.css
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with very long lines (3074)
Size
1.0 kB (1001 bytes)
Hash
ddba0525c444ee569d6f5c28e4654e3e
8d009ee643018c91f434b285f8493fadf5cb348e
38faf23540e5f8933e891b14580b99aae82939390d531dd966201c6ae3781c31

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /global-elements/footer/css/footer-sb.css HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Oct 2015 02:21:10 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/script/welcome/popper.min.js

31.22.4.94

200 OK

7.5 kB

URL HTTP/1.1
uspsexpressways.com/assets/script/welcome/popper.min.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with very long lines (18860), with CRLF line terminators
Size
7.5 kB (7450 bytes)
Hash
3278e86c09e0edd1eb9b8a5fd7331cc6
204407f800459c620ce5bd649580ef7e42ab5e2e
4c14cf6d57498bcd4b0a922237a2fd3beb2a2119a60ba89ba5c34ef2d0e536bf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/script/welcome/popper.min.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 02 Aug 2019 00:27:52 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/script/welcome/welcome.js

31.22.4.94

200 OK

455 B

URL HTTP/1.1
uspsexpressways.com/assets/script/welcome/welcome.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with CRLF line terminators
Size
455 B (455 bytes)
Hash
da0baa67320635bd8eb478f1ae1a6531
05dd2ba820da9a195d91208dbe13963ffd64eca4
e384f5bb0718e0b5045e7da4d23a31d9f6f2f008285df88e7d06faae37ee2960

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/script/welcome/welcome.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 20 Sep 2019 00:05:12 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/images/home/search.svg

31.22.4.94

200 OK

816 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/search.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
816 B (816 bytes)
Hash
7d9d8de80673efdb2153792bff57d832
3a2dd80f1e04d6e2530090a109aac814b7baf983
d84da92010903f89755d8ddb7856f2e7790b60e69df00812506032a51bb5b665

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/search.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:16 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/script/welcome/bootstrap.js

31.22.4.94

200 OK

18 kB

URL HTTP/1.1
uspsexpressways.com/assets/script/welcome/bootstrap.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with very long lines (57791), with CRLF line terminators
Size
18 kB (18082 bytes)
Hash
950ed0d9997c1c184ab8a8f6c29c5b8f
8d0bb0a303dcfe3f7ffa9d83cb19863ef15836f9
f755dfb9ca84860d455c61cb7e67fa65eb5f2e882225f0c9c1e441852f3c7926

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/script/welcome/bootstrap.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 02 Aug 2019 00:27:52 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/images/home/logo_mobile.svg

31.22.4.94

200 OK

949 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/logo_mobile.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
949 B (949 bytes)
Hash
892a4e2ced2663f0bb065b7c25938df9
00a1e0d4027a175f2f06f4e2d3b21be750288f2c
82487d821976acf8f041f45a3115457db4c3fb026a1a81585a9c1cffc4e69d69

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/logo_mobile.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 07 Feb 2017 04:02:04 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/images/home/tracking.svg

31.22.4.94

200 OK

868 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/tracking.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
868 B (868 bytes)
Hash
fa0f376245ed2b11300ba3d5304110ec
5b060b0a86b5fcce5addb5fdc2015a306c7d4d66
6dc56b3fd941297610d02dce2835694c2c0ad1eb5811100db409269530b65c60

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/tracking.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:18 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/script/welcome/jquery.min.js

31.22.4.94

200 OK

34 kB

URL HTTP/1.1
uspsexpressways.com/assets/script/welcome/jquery.min.js
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
34 kB (34431 bytes)
Hash
08d564c6744fa68479a03e535bdb4486
b8bf97633904184132bcfe71699a92b4c3e542c4
ac73b1002285be268a129305c266784730a64feabacfa222eb03ee7e9bfeda32

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/script/welcome/jquery.min.js HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 02 Aug 2019 00:27:52 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:55 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/header/images/utility-header/logo-sb.svg

31.22.4.94

200 OK

1.7 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/header/images/utility-header/logo-sb.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.7 kB (1663 bytes)
Hash
da9dcc1f7e5d49a7eca7d0064940f307
7bfed2fbda848ff416dc11772aa2bfcbfb962b0c
269bae456360b3e1cd5d0d9a7247d970dde46d3200330bdf0f67dd1aed1e0192

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/utility-header/logo-sb.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 02 Mar 2017 09:28:02 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/header/images/utility-header/mailman.svg

31.22.4.94

200 OK

940 B

URL HTTP/1.1
uspsexpressways.com/global-elements/header/images/utility-header/mailman.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
940 B (940 bytes)
Hash
51dc9c092751d16b3c3309e63fb8a23c
e1c4c3b73110d645e1eac4af1a920a8b43c40958
3e957774c60afb155c7311a952ff38f8dd5b4802d824fde1405026b6880cb435

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 06 Sep 2017 23:54:40 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/manage/go-now.png

31.22.4.94

200 OK

8.0 kB

URL HTTP/1.1
uspsexpressways.com/manage/go-now.png
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (8026 bytes)
Hash
49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /manage/go-now.png HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/png
Content-Length: 8026
Connection: keep-alive
Last-Modified: Fri, 23 Mar 2018 02:35:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/ship/go-now.png

31.22.4.94

200 OK

20 kB

URL HTTP/1.1
uspsexpressways.com/ship/go-now.png
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20334 bytes)
Hash
d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /ship/go-now.png HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/png
Content-Length: 20334
Connection: keep-alive
Last-Modified: Wed, 13 Nov 2019 02:42:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/business/go-now.png

31.22.4.94

200 OK

9.7 kB

URL HTTP/1.1
uspsexpressways.com/business/go-now.png
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
9.7 kB (9744 bytes)
Hash
bb9d4474c242a01f5e7c5218033e7524
5321471a28516dd9ddcf9c1a2d9f490e988a7aad
caa4a7882b0ca4e1cc3dc0c515da871eabc11c045099df2d3686c4d22274fd11

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /business/go-now.png HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/png
Content-Length: 9744
Connection: keep-alive
Last-Modified: Sat, 10 Mar 2018 09:15:46 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/assets/images/home/location.svg

31.22.4.94

200 OK

1.3 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/home/location.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.3 kB (1271 bytes)
Hash
c1db71f82f5b9c2e048414b8539739d1
134999298028558d004ab7b36bae6455e661204c
39637251d1b34f35f5f52d4c84f127a18dfb8662236d252eb4124248e8bd8079

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/location.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:08 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/store/go-now.png

31.22.4.94

200 OK

28 kB

URL HTTP/1.1
uspsexpressways.com/store/go-now.png
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27510 bytes)
Hash
3129017c08a5c6f4424ff560474bf498
188bf767afd38a9fc3806cb3cabc3ee55a8873ff
39d86c29c3ee81796ffa8fad70fbd7ba088cb531e07b49839510c9a539282359

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /store/go-now.png HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/png
Content-Length: 27510
Connection: keep-alive
Last-Modified: Fri, 03 Jan 2020 09:15:36 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/assets/images/home/stamps.svg

31.22.4.94

200 OK

567 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/stamps.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
567 B (567 bytes)
Hash
fe095c71f20ef90f5368638372448fa4
83c9047f74fe6e5f5e4d34e87f1794d8f3fecd47
7994132cf8eae1a87213264e4e3b35ca3bfc2852018fd54e210381150393d43f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/stamps.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:16 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/images/home/schedule_pickup.svg

31.22.4.94

200 OK

944 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/schedule_pickup.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
944 B (944 bytes)
Hash
dbbccbe9c887411b0495b5f8140c4acf
757db8da41c907fb59f34bb086d51a164da7df3c
09f6b08000812dd5bbdf53201b11a929d7209b225166c20021dc7f5a3d88e17a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:16 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/images/home/calculate_price.svg

31.22.4.94

200 OK

802 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/calculate_price.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
802 B (802 bytes)
Hash
fab3220c66b004a0a34e07e699df2b5c
a7c7b621e408ed4ed3ccd1e5d37636410de4229e
f46f7e41c6365d2f13695ea29a013ab3518db2c0dcb198c95c71072d66077e1a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:06 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/images/home/find_zip.svg

31.22.4.94

200 OK

820 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/find_zip.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
820 B (820 bytes)
Hash
28c37953baafe3ba9b022e0c75670da0
180fa95ae1092f8e93d3680465d6aae042d56d7f
7ddb5f187ee80fdb83e79149271eb4b2fc118b1ded617956354853beee928be4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/find_zip.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:08 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/international/go-now.png

31.22.4.94

200 OK

22 kB

URL HTTP/1.1
uspsexpressways.com/international/go-now.png
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22133 bytes)
Hash
22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /international/go-now.png HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/png
Content-Length: 22133
Connection: keep-alive
Last-Modified: Sat, 24 Mar 2018 06:58:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/assets/images/home/change_address.svg

31.22.4.94

200 OK

973 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/change_address.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
973 B (973 bytes)
Hash
532a50ae76bcd3feae5bfbd5d1f81711
7660fd5ab8c8cc88d6192a6304733a3f55900777
445a3c152a81880e866ec0fe510ecfb61870a74f336a2a935948bde88e59b008

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/change_address.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:06 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/images/home/holdmail.svg

31.22.4.94

200 OK

797 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/holdmail.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
797 B (797 bytes)
Hash
c6eb890afb32c726859c3faf8b7f481c
c555044e83c9fd829fc9eb0db7ca354348d57ad8
6b3a4e23fb7fc4efd934b1e02d2cf760454b7734db3f01ad21a1f429b238d977

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/holdmail.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:08 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/images/home/featured_clicknship.svg

31.22.4.94

200 OK

516 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/featured_clicknship.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Size
516 B (516 bytes)
Hash
774a1f8a381f5bd7126636504acc204f
533a06e7a9e0724fc90cd3cb46ca2445b07b416f
1c36f789d2300bfe1bf6f842d1b75ebc237ae40ae624187d31fc734510c3d024

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:45:20 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/images/home/po_box.svg

31.22.4.94

200 OK

876 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/po_box.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
876 B (876 bytes)
Hash
a254d9c98974eb5905d04deddbafc8d2
c29a47624a5d075b5d44886d6e19a95a33da6ec4
a2d72afbf2a0acc568afe3a358bc0b9b7151588238ee87822eacd8a3dc6dd619

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/po_box.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:12 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/assets/images/home/free_boxes.svg

31.22.4.94

200 OK

653 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/free_boxes.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
653 B (653 bytes)
Hash
73c8cee1aeb5c97cf837f64d3431a40f
fa2e164f0b698b34012f2055794a3fad00f86774
39df74aadb4ea4b34ebe674789980d4ac0fe63259b1e8aa44173a2b87406ce8f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/free_boxes.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:08 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/header/images/schedule-redelivery.svg

31.22.4.94

404 Not Found

286 B

URL HTTP/1.1
uspsexpressways.com/global-elements/header/images/schedule-redelivery.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
286 B (286 bytes)
Hash
b5c46061ff8a611e3612ed144683751e
d855b25cba3e4e325e5eb688514a07f5806b66d0
22917d50b3eb7d5ad6f854dd36a121f57d551a6978d5406a1f2930bcc40d6de1

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/schedule-redelivery.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/global-elements/header/css/megamenu-v2.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

uspsexpressways.com/global-elements/header/images/package-intercept.svg

31.22.4.94

404 Not Found

286 B

URL HTTP/1.1
uspsexpressways.com/global-elements/header/images/package-intercept.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
286 B (286 bytes)
Hash
b5c46061ff8a611e3612ed144683751e
d855b25cba3e4e325e5eb688514a07f5806b66d0
22917d50b3eb7d5ad6f854dd36a121f57d551a6978d5406a1f2930bcc40d6de1

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/package-intercept.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/global-elements/header/css/megamenu-v2.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

uspsexpressways.com/global-elements/header/images/icon-personalize-stamped-envelopes.svg

31.22.4.94

404 Not Found

286 B

URL HTTP/1.1
uspsexpressways.com/global-elements/header/images/icon-personalize-stamped-envelopes.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
286 B (286 bytes)
Hash
b5c46061ff8a611e3612ed144683751e
d855b25cba3e4e325e5eb688514a07f5806b66d0
22917d50b3eb7d5ad6f854dd36a121f57d551a6978d5406a1f2930bcc40d6de1

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/icon-personalize-stamped-envelopes.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/global-elements/header/css/megamenu-v2.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

fast.fonts.net/t/trackingCode.js

104.17.225.78

200 OK

453 B

URL HTTP/1.1
fast.fonts.net/t/trackingCode.js
IP
104.17.225.78:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (650), with no line terminators
Size
453 B (453 bytes)
Hash
5c469ac1f76defc2a7d4ddb4ea4bc175
37e710b2c319ed337462dd56a0e3784673b99c6e
f2dbcd5a351631e6fea427b3c5750c8a628eab3c41ec2f2a44dc076894f24e89

HTTP Headers

GET /t/trackingCode.js HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: bn8+rtPyAQhRCbCSmFx8QkCMW2ocPj4jEkOk9mvKypiI6I4pSe6y1od4zqZS1mONTmLUsxzAT8k=
x-amz-request-id: WZ64VR1VN5XWA84M
Last-Modified: Tue, 23 Mar 2021 09:15:19 GMT
ETag: W/"32dd789522cc6923c80141fcf5d3a614"
Cache-Control: public, max-age=300
x-amz-meta-mtime: 1383840033
x-amz-version-id: null
CF-Cache-Status: HIT
Age: 2050
Expires: Sun, 04 Dec 2022 13:39:56 GMT
Set-Cookie: __cf_bm=1GahlKtjX9pDjyIX8hGhpaZUC5hSgDjX75WtDphHPMc-1670160896-0-Ab++JYaxmgLcW+pMSk6EjvieZr2qTvVCUZKYFAnoUALKmGGSvQOTWKYtns+lDduse2OQCsSQmrAF8kqaxxmr0tw=; path=/; expires=Sun, 04-Dec-22 14:04:56 GMT; domain=.fonts.net; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7744ec24bc69b527-OSL
Content-Encoding: gzip

uspsexpressways.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff

31.22.4.94

200 OK

47 kB

URL HTTP/1.1
uspsexpressways.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
Web Open Font Format, TrueType, length 46657, version 1.0\012- data
Size
47 kB (46657 bytes)
Hash
3beb1cf49dc702cd4de8618eeb344dd4
080e1b4dc8b43ddb06961a3490857cdb936a8c2a
ffd7af6177837790e2620c429dce0da6dc7d18bbdcf87a7ed2c033a03513e947

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uspsexpressways.com/global-elements/footer/css/main-sb.css

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: font/woff
Content-Length: 46657
Connection: keep-alive
Last-Modified: Thu, 09 Oct 2014 23:18:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT

www.usps.com/assets/images/home/schedule_pickup.svg

192.229.221.165

200 OK

923 B

URL HTTP/2
www.usps.com/assets/images/home/schedule_pickup.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
923 B (923 bytes)
Hash
9f9e044f92360c82183e3a31b774e7b2
273798ee8d4dead89367b835cdb7f65f51e81b47
e4b7ae480aae11558a890826cde2cc6fa10039a787052dfc72cdad3e7a772373

HTTP Headers

GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44640
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "6ef-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/732F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 923
X-Firefox-Spdy: h2

uspsexpressways.com/assets/images/welcome/featured/cns-box-with-label.jpg

31.22.4.94

200 OK

53 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/featured/cns-box-with-label.jpg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 670x450, components 3\012- data
Size
53 kB (53073 bytes)
Hash
bdfc8d7f260c52b524e8dd2555b16f56
5f0d5c9d8588b28753a8def8f9e7abd44727d489
8abba128a06adc752c8d62e940e85a7198eee1581e2e9457bc70fe157c25ebdb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/featured/cns-box-with-label.jpg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/jpeg
Content-Length: 53073
Connection: keep-alive
Last-Modified: Thu, 30 Jan 2020 08:11:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

www.usps.com/assets/images/home/utility_languages.png

192.229.221.165

200 OK

1.5 kB

URL HTTP/2
www.usps.com/assets/images/home/utility_languages.png
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1456 bytes)
Hash
410956805d5701e87299cff412827e1a
5de9a390649dfc12e3d6df431140d499ad8abd67
6e727dbf5b0f4a3ec76762e445ad2c5cb750f7de41afb8b0342f903124d09826

HTTP Headers

GET /assets/images/home/utility_languages.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 44510
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "5b0-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7E8E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1456
X-Firefox-Spdy: h2

www.usps.com/global-elements/header/images/utility-header/search.svg

192.229.221.165

200 OK

795 B

URL HTTP/2
www.usps.com/global-elements/header/images/utility-header/search.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
78562ea313af96eca6581054fdbbc76c
b0f3fd320af131b3787b39c864ecac52de12a75e
7932a41ccc861366f60896fe808612a1361c85d654aef21c5d54f7673141c0a9

HTTP Headers

GET /global-elements/header/images/utility-header/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44064
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "5b9-549b126599f40+gzip"
last-modified: Wed, 01 Mar 2017 20:28:05 GMT
server: ECAcc (dcb/7ECE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/stamps.svg

192.229.221.165

200 OK

551 B

URL HTTP/2
www.usps.com/assets/images/home/stamps.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
551 B (551 bytes)
Hash
780aa534eb1541ac0834489beafdeea2
2593cddb6c1b7505016d3c1138e16ff556e42166
c2a1858fe0517c4c928dad150f22710f1771c1b43b92b79ceb0b20e44db61ee8

HTTP Headers

GET /assets/images/home/stamps.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 18469
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "44f-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7EC4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 551
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/po_box.svg

192.229.221.165

200 OK

848 B

URL HTTP/2
www.usps.com/assets/images/home/po_box.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
848 B (848 bytes)
Hash
a1feed192f3aca7fd02c00b6ee45bb07
fce52b953f90a873186cd2c3ddb26dcca41884be
88dcd2a8a6b055bf63763c0a86338f33b09a257c89e26a5ae6a364becf1ac122

HTTP Headers

GET /assets/images/home/po_box.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44684
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "667-5494e7f259740+gzip"
last-modified: Fri, 24 Feb 2017 22:46:13 GMT
server: ECAcc (dcb/7FD5)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 848
X-Firefox-Spdy: h2

uspsexpressways.com/assets/images/welcome/featured/arnold-palmer.jpg

31.22.4.94

200 OK

44 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/featured/arnold-palmer.jpg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
JPEG image data, baseline, precision 8, 670x450, components 3\012- data
Size
44 kB (43986 bytes)
Hash
4d8d0c3105e2ea88caba1958e3ce2d90
232348dd20eb7e001f33e1e624219a1a3c294faf
eff58dd4a8347b557eb6da02ae19b812b3e9674b7516f3e7902bda7a02969f61

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/featured/arnold-palmer.jpg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/jpeg
Content-Length: 43986
Connection: keep-alive
Last-Modified: Thu, 20 Feb 2020 05:27:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

www.usps.com/assets/images/home/featured_clicknship.svg

192.229.221.165

200 OK

493 B

URL HTTP/2
www.usps.com/assets/images/home/featured_clicknship.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Size
493 B (493 bytes)
Hash
efb53558ef3932a80523af92bdda2085
1a97f57d64bc76f296423e1ddbdba9bc71b6d754
f0a25ce9d4e04e6b12bfc528584d599d5e472238849b0e1c66ff5357058d38fe

HTTP Headers

GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44787
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dcb/7F6B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/calculate_price.svg

192.229.221.165

200 OK

772 B

URL HTTP/2
www.usps.com/assets/images/home/calculate_price.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
772 B (772 bytes)
Hash
42af7d5484bf8f80ac930313caa5941f
c3dbaf338d7fa81845487333c0cba5b8341bd140
f8f9b52e8d7b815deba988cfcdc6596e9e7b6671075907290c8e96679b18fb2c

HTTP Headers

GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44705
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/7304)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2

uspsexpressways.com/assets/images/welcome/featured/id-2-hands.jpg

31.22.4.94

200 OK

74 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/featured/id-2-hands.jpg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 670x450, components 3\012- data
Size
74 kB (74276 bytes)
Hash
5b0d2ed3c585924ded3e0bb783c8ff13
7574109ed79cb185c8bf655ddf47d8bc51c6e210
ffe00481626d78c4e9fdedb53f2a2aa5aca4ebf133212591a5cc43b464221913

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/featured/id-2-hands.jpg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/jpeg
Content-Length: 74276
Connection: keep-alive
Last-Modified: Fri, 28 Feb 2020 05:04:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/assets/images/welcome/carousel/collectors-dotcom-cd.jpg

31.22.4.94

200 OK

62 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/carousel/collectors-dotcom-cd.jpg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 626x277, components 3\012- data
Size
62 kB (62425 bytes)
Hash
b48c881d8a5b186e8c6cfa496d81f63d
b0ad2fe84554b9465268a9c294c2ba572f8a46af
cf111326a568ccb0b845a1efcf8baeee51f25df190bef7474b09d8c01bc1f8e6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/carousel/collectors-dotcom-cd.jpg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/jpeg
Content-Length: 62425
Connection: keep-alive
Last-Modified: Thu, 13 Feb 2020 03:28:20 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

www.usps.com/assets/images/home/tracking.svg

192.229.221.165

200 OK

844 B

URL HTTP/2
www.usps.com/assets/images/home/tracking.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
844 B (844 bytes)
Hash
04034bbe69ef912819cee070ff866703
2c96d71004568c2b460a7f8b796ae45ad89999ec
959755a6f38fb278acd6abb223db552ecf757c291f437149663009aafb83a181

HTTP Headers

GET /assets/images/home/tracking.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 60952
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "619-5494e7f71e280+gzip"
last-modified: Fri, 24 Feb 2017 22:46:18 GMT
server: ECAcc (dcb/7E95)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 844
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/find_zip.svg

192.229.221.165

200 OK

793 B

URL HTTP/2
www.usps.com/assets/images/home/find_zip.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
793 B (793 bytes)
Hash
4b74917936300819402d564909e39a34
82c09f9b1fa78724d4843b28f12c52e8bb218f2a
d7178ea719cbe6f11c5da374dc26908b1ad0d05d34a33cd6e6d701f5e05c209b

HTTP Headers

GET /assets/images/home/find_zip.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44075
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "5bf-5494e7ed94c00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:08 GMT
server: ECAcc (dcb/7ECC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 793
X-Firefox-Spdy: h2

uspsexpressways.com/www.googletagmanager.com/gtm5445.html?id=GTM-MVCC8H

31.22.4.94

404 Not Found

286 B

URL HTTP/1.1
uspsexpressways.com/www.googletagmanager.com/gtm5445.html?id=GTM-MVCC8H
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
286 B (286 bytes)
Hash
b5c46061ff8a611e3612ed144683751e
d855b25cba3e4e325e5eb688514a07f5806b66d0
22917d50b3eb7d5ad6f854dd36a121f57d551a6978d5406a1f2930bcc40d6de1

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /www.googletagmanager.com/gtm5445.html?id=GTM-MVCC8H HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.usps.com/assets/images/home/chinese_characters.gif

192.229.221.165

200 OK

2.2 kB

URL HTTP/2
www.usps.com/assets/images/home/chinese_characters.gif
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
GIF image data, version 89a, 44 x 102\012- data
Size
2.2 kB (2173 bytes)
Hash
6cfd66aca15e28ed9e77672fa22604b7
79f78e9167a5853d740486cdae627034cf2a7085
dc9835ec6574c8d748f4fe255d01035a7d289f4a8caae72a989a32d3973caecd

HTTP Headers

GET /assets/images/home/chinese_characters.gif HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 33460
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/gif
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "87d-547e11c4438c0"
last-modified: Mon, 06 Feb 2017 18:50:51 GMT
nncoection: close
server: ECAcc (dcb/7FA2)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 2173
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/change_address.svg

192.229.221.165

200 OK

935 B

URL HTTP/2
www.usps.com/assets/images/home/change_address.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
935 B (935 bytes)
Hash
6c6d11d6d4ad880538ac8b3c9b244e35
d2f5a684574f89a8bdac4ac35508dc29c61e9771
7d2bde4b550c48e86e4d1c6a106d195b5a259f74e2ceeab0772712d356ae7eb9

HTTP Headers

GET /assets/images/home/change_address.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44735
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "74d-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/733A)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 935
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/holdmail.svg

192.229.221.165

200 OK

768 B

URL HTTP/2
www.usps.com/assets/images/home/holdmail.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
768 B (768 bytes)
Hash
2f40bbb9da0d97f2ba3f3efcfd7533af
34c76f88cdda4be234b58a76e466bc7a972f14ea
f1d176e77951f74582e7e311d99f98f7ce582bdb30051987f257eb3393ee2069

HTTP Headers

GET /assets/images/home/holdmail.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44737
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "5a8-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7EFC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 768
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/shipping-supplies.svg

192.229.221.165

200 OK

1.3 kB

URL HTTP/2
www.usps.com/test/nav/images/shipping-supplies.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.3 kB (1282 bytes)
Hash
7a8b39b328ba3e776e643f66844896e8
7a400d0f33c592651da919c728a30e46207a9449
05140d52bba76b4464360b852c3b78227cc2865c4512bf0010ee666f0c985f99

HTTP Headers

GET /test/nav/images/shipping-supplies.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44267
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "9f8-560f10eaa9b40+gzip"
last-modified: Fri, 22 Dec 2017 17:22:13 GMT
server: ECAcc (dcb/731F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1282
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/utility_customer_service.png

192.229.221.165

200 OK

1.3 kB

URL HTTP/2
www.usps.com/assets/images/home/utility_customer_service.png
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1307 bytes)
Hash
3500d365cd94527c71fe9c70d5cda435
0c7bede628d74cefaf5fce1b675c0ce3c72c78c9
34b28a24c5414dab68a15be6613536d905faf33fbf1aed8ee4702caa60be9bca

HTTP Headers

GET /assets/images/home/utility_customer_service.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 44178
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "51b-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7EB6)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1307
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/cards-and-envelopes.svg

192.229.221.165

200 OK

1.1 kB

URL HTTP/2
www.usps.com/test/nav/images/cards-and-envelopes.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1056 bytes)
Hash
5d63c3636efb2bbcb327ed13b714367b
c7e326811c101213173c2a585d1e9700731816ed
c63dd4b3239df8b0709202228ad62b9e06ec96c346d8f86f9e33a554973b795f

HTTP Headers

GET /test/nav/images/cards-and-envelopes.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 6547
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "8a9-560f10e8c16c0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:11 GMT
server: ECAcc (dcb/7F6F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1056
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/collectors.svg

192.229.221.165

200 OK

561 B

URL HTTP/2
www.usps.com/test/nav/images/collectors.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
561 B (561 bytes)
Hash
8439e88bd2e43656b157f9c184635032
ddcb40776177a5eac36973e53f2f8bab73e65ea3
5ea3f924c3453a9b8a3f79251377f385f83c8cf9618129427795adf186b9338e

HTTP Headers

GET /test/nav/images/collectors.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44654
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "461-560f10f803ac0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:27 GMT
server: ECAcc (dcb/7FEB)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 561
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/gifts.svg

192.229.221.165

200 OK

590 B

URL HTTP/2
www.usps.com/test/nav/images/gifts.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
590 B (590 bytes)
Hash
e97f9908f9eef2a76ea4f48e00196980
f32d5a4b791567c690ea7095d93bec78e422db40
ad60c73a39b0fcd4b311654aab6f3954edb03f37034ad5567cf9f69d63d905f4

HTTP Headers

GET /test/nav/images/gifts.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44344
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "3ee-560f10e9b5900+gzip"
last-modified: Fri, 22 Dec 2017 17:22:12 GMT
server: ECAcc (dcb/7378)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 590
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/location.svg

192.229.221.165

200 OK

1.2 kB

URL HTTP/2
www.usps.com/assets/images/home/location.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1209 bytes)
Hash
9d8433f178d5a7b839a8bf25552c62b0
c21cec68e524862992f4aa51bf6955b953a65112
d01cb5a23f9b7f4a0a3db27cfd3d90e3813e75ed498fdbabe4df3a859390bd4f

HTTP Headers

GET /assets/images/home/location.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44263
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "a1a-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7F25)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1209
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/business.svg

192.229.221.165

200 OK

689 B

URL HTTP/2
www.usps.com/test/nav/images/business.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
689 B (689 bytes)
Hash
3b81ef43fc5b08bab4155c5fed116dc9
a5a804fb2f8f51b3e588d4edb01752eba0380f8d
a513b0f2fb200e9cf7b30ccfbde98f79e87a027c256d99f3159ad22dcb5cc4cb

HTTP Headers

GET /test/nav/images/business.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44681
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "4d2-560f10e7cd480+gzip"
last-modified: Fri, 22 Dec 2017 17:22:10 GMT
server: ECAcc (dcb/7FBE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 689
X-Firefox-Spdy: h2

www.usps.com/global-elements/header/images/utility-header/mailman.svg

192.229.221.165

200 OK

904 B

URL HTTP/2
www.usps.com/global-elements/header/images/utility-header/mailman.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
904 B (904 bytes)
Hash
e4bb1afb6143cb1307585f007399e0e4
7d28cd35cbdb8427d4a12274c3f455e57f4742e0
06410c31087cff92e7842a2e6aaef3b5b114192f77e2b652283250fdca6d5e30

HTTP Headers

GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 44737
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "723-55885af730a40+gzip"
last-modified: Wed, 06 Sep 2017 13:54:41 GMT
server: ECAcc (dcb/7311)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 904
X-Firefox-Spdy: h2

fast.fonts.net/t/1.css?apiType=css&projectid=f3e4655b-fd06-4b8b-8a25-01c859692612

104.17.225.78

200 OK

0 B

URL HTTP/1.1
fast.fonts.net/t/1.css?apiType=css&projectid=f3e4655b-fd06-4b8b-8a25-01c859692612
IP
104.17.225.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/1.css?apiType=css&projectid=f3e4655b-fd06-4b8b-8a25-01c859692612 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 0
Connection: keep-alive
x-amz-id-2: H0w8z7lAKij/clTzwyZKzc3BdGACMUW2s4Gvg4qL+k0xifyffZTTRn6gNw2N5+zZBQnWdh3Ktqc=
x-amz-request-id: JGYH7EQ40SNTMQW3
Last-Modified: Tue, 23 Mar 2021 12:59:23 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Cache-Control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
CF-Cache-Status: HIT
Age: 505376
Accept-Ranges: bytes
Set-Cookie: __cf_bm=aXtRzcs5hZwolFWmdiYyk1AqLewnkq1auDj_YrNHqS8-1670160896-0-Ae+z2AgpUZUBdZcgikFDASjFdbJNpapkhfxZBRcaVMF4jUUoC3/kLgVV++vTNVGzkOBImYURSPywD+9NVDPVBWw=; path=/; expires=Sun, 04-Dec-22 14:04:56 GMT; domain=.fonts.net; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7744ec254d38b527-OSL

uspsexpressways.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff

31.22.4.94

200 OK

59 kB

URL HTTP/1.1
uspsexpressways.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
Web Open Font Format, TrueType, length 58690, version 1.0\012- data
Size
59 kB (58690 bytes)
Hash
a6e2d3921c9ea0fd81897d9ae7a33ba4
bc31969f2fb1926a15cd678b3e573c37a44e5421
f2e2ef638dd9aac863f0f6027ceb784cd4c5a14a676bed909c8f2ac4b088d510

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uspsexpressways.com/global-elements/footer/css/main-sb.css

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: font/woff
Content-Length: 58690
Connection: keep-alive
Last-Modified: Thu, 09 Oct 2014 23:18:06 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT

uspsexpressways.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff

31.22.4.94

200 OK

52 kB

URL HTTP/1.1
uspsexpressways.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
Web Open Font Format, TrueType, length 51685, version 1.0\012- data
Size
52 kB (51685 bytes)
Hash
a93e96be336c174933e68ef61d56e0d3
48f7a75a367904ff4a9a79689a508e29edda462c
cc469406025b7ce0913cdefc664007cd0fc46bc66a740dc7aff67cc041bccde0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uspsexpressways.com/global-elements/footer/css/main-sb.css

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: font/woff
Content-Length: 51685
Connection: keep-alive
Last-Modified: Thu, 09 Oct 2014 23:18:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT

uspsexpressways.com/assets/images/welcome/scroll-red.png

31.22.4.94

200 OK

1.5 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/scroll-red.png
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1540 bytes)
Hash
dded8e2e38057ea9183ff095bc2e6ced
e12ce587f18839ed139d59774e5fef8b793dbfd7
a3bb919a80dae6a64cb25fd18e689acae58a81737e21abfbbc851b83c60bf578

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/scroll-red.png HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/assets/css/welcome/welcome-styles.css

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/png
Content-Length: 1540
Connection: keep-alive
Last-Modified: Thu, 05 Sep 2019 01:38:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 13:08:58 GMT
cache-control: public,max-age=3600
age: 1558
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2585
Cache-Control: max-age=159300
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:34:56 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:49:56 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

www.usps.com/global-elements/header/script/search-fe.js

192.229.221.165

200 OK

930 B

URL HTTP/2
www.usps.com/global-elements/header/script/search-fe.js
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (2264), with no line terminators
Size
930 B (930 bytes)
Hash
044ed97a28abfb41b4962d4be4f1a9a2
376bd4af5ff97565cf9565904b615bffbea08690
19c16113aa7d624c43ffefd992d78b420fc3a195d99578684d0abf52fbabce71

HTTP Headers

GET /global-elements/header/script/search-fe.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 71833
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Sun, 04 Dec 2022 13:34:56 GMT
etag: "8d8-5d77081c47c40+gzip"
last-modified: Mon, 07 Feb 2022 16:58:17 GMT
server: ECAcc (dcb/7FD8)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 930
X-Firefox-Spdy: h2

uspsexpressways.com/assets/images/welcome/premium/tracking-red-hat.jpg

31.22.4.94

200 OK

112 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/premium/tracking-red-hat.jpg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x400, components 3\012- data
Size
112 kB (111908 bytes)
Hash
6127cf6e22ebeea21cfd42851255232f
33e622867de2827d1309c9eb8ef36245d81d2b1b
e55a33e8037278cc3540b7a93c14b4298d39b9cfd1ba1c94a3704dd2836cc1c2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/premium/tracking-red-hat.jpg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/jpeg
Content-Length: 111908
Connection: keep-alive
Last-Modified: Fri, 28 Feb 2020 07:10:42 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/global-elements/footer/images/social-twitter_2.png

31.22.4.94

200 OK

1.8 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/footer/images/social-twitter_2.png
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
PNG image data, 50 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
4f6b06552f2054fecb5a3ab3956d7a79
c1257b76200738ad53147be110920f84efd479b3
248385895aacd78d7a7b045cd5109103c2f849bbaef9cff5980d59823a620c91

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /global-elements/footer/images/social-twitter_2.png HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/png
Content-Length: 1842
Connection: keep-alive
Last-Modified: Thu, 02 Mar 2017 09:30:36 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/global-elements/footer/images/social-facebook_1.png

31.22.4.94

200 OK

1.9 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/footer/images/social-facebook_1.png
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1873 bytes)
Hash
5d1fed200f7befa569074a293cf2abed
11bacbc9debe99986d9a6e974e9a819aaa74be29
9d0ef8aa34abec770b6a9fb4358842a29413d08c0d1e4b74f5c4c31ab477c14c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /global-elements/footer/images/social-facebook_1.png HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/png
Content-Length: 1873
Connection: keep-alive
Last-Modified: Thu, 02 Mar 2017 09:30:34 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/assets/images/welcome/featured/small-business-man.jpg

31.22.4.94

200 OK

79 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/featured/small-business-man.jpg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 670x450, components 3\012- data
Size
79 kB (79271 bytes)
Hash
55e7fcdae6ed248b3dee2b201e021e5c
58b4e59a1bc515c287723771bec291857c8a5c03
e9a1f383065757d623112d5c3d7a26eaf87b9688e91135b2776bfae978edd07c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/featured/small-business-man.jpg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/jpeg
Content-Length: 79271
Connection: keep-alive
Last-Modified: Thu, 20 Feb 2020 05:27:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/global-elements/footer/images/social-pinterest_6.png

31.22.4.94

200 OK

2.3 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/footer/images/social-pinterest_6.png
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2325 bytes)
Hash
010bf7d7901ccaa3905cfe4b7c1cb50d
9c174f76a3ed50a173637d44793d6bc15a818112
67d664b844fdba0588665c6f1986b25fcb6d99e5122a455c36da8622f1eaab62

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /global-elements/footer/images/social-pinterest_6.png HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/png
Content-Length: 2325
Connection: keep-alive
Last-Modified: Thu, 02 Mar 2017 09:30:36 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/assets/images/welcome/featured/tax-day-form.jpg

31.22.4.94

200 OK

306 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/featured/tax-day-form.jpg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 670x450, components 3\012- data
Size
306 kB (305741 bytes)
Hash
d228b5f38d5ae032b422647a25301658
13ffaea60c7cdb3b749cb7262949496902583229
a6b5e9e54d9cfbda8d769d84fab56b1ed18486edeea3371990fb1196adde503b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/featured/tax-day-form.jpg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/jpeg
Content-Length: 305741
Connection: keep-alive
Last-Modified: Thu, 30 Jan 2020 08:11:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/component-guide/blue-caret.svg

31.22.4.94

200 OK

406 B

URL HTTP/1.1
uspsexpressways.com/component-guide/blue-caret.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
406 B (406 bytes)
Hash
ea4d46a84b6414d0bff8dc646862e321
71a6ac4c80e81a2915007dc290e1678eb5ccc4c3
66531de5f715bb0c28748c5d0427a2d9ad9b730ed24642d96e78c3e2601ecb48

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /component-guide/blue-caret.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/assets/css/welcome/welcome-styles.css

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 May 2018 01:56:56 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/footer/images/social-youtube_3.png

31.22.4.94

200 OK

2.5 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/footer/images/social-youtube_3.png
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
PNG image data, 50 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2461 bytes)
Hash
e38ff6af4b8ff088fcb2dc92410b759b
529c88413dbc330fa05a0629b2084ca7931f453e
c2b609bbc0ed5b17740df6ab378bfcbe068e3b08d85e85b2d9dfbe6dd3c6be95

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /global-elements/footer/images/social-youtube_3.png HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/png
Content-Length: 2461
Connection: keep-alive
Last-Modified: Thu, 02 Mar 2017 09:30:36 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/assets/images/home/hamburger.svg

31.22.4.94

200 OK

304 B

URL HTTP/1.1
uspsexpressways.com/assets/images/home/hamburger.svg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Size
304 B (304 bytes)
Hash
173ff73d79a4cbf6dfc6fe3e78cd7087
5dd40eabc0348c3f1e664a85fd90cafff4d362b7
ffb551c02d59dbf0f2521fd76cf33768d33d39e9d47b3c2e1599e72d0023500c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /assets/images/home/hamburger.svg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 25 Feb 2017 11:46:08 GMT
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2022 13:34:56 GMT
Content-Encoding: gzip

uspsexpressways.com/global-elements/footer/images/logo-mini-sb.png

31.22.4.94

200 OK

24 kB

URL HTTP/1.1
uspsexpressways.com/global-elements/footer/images/logo-mini-sb.png
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
PNG image data, 135 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (23625 bytes)
Hash
43707dd65a8c8ec7754b7b45fd483488
f258a5de57dfa37baf13296da6055e8f8881d742
585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /global-elements/footer/images/logo-mini-sb.png HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/global-elements/footer/css/footer-sb.css

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/png
Content-Length: 23625
Connection: keep-alive
Last-Modified: Fri, 16 Oct 2015 01:57:50 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/assets/images/welcome/carousel/stamps-dotcom-cd.jpg

31.22.4.94

200 OK

38 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/carousel/stamps-dotcom-cd.jpg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 626x277, components 3\012- data
Size
38 kB (37591 bytes)
Hash
511fb690decd7b11713f0db0e5f1f0e3
8c48a3d6c7c71cb38e52956bcf57aea25abe894e
1d2cbee6b2363d119a0ab9436fc253bb6a44ff11a20407e1b538aeb269552dd7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/carousel/stamps-dotcom-cd.jpg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/jpeg
Content-Length: 37591
Connection: keep-alive
Last-Modified: Thu, 13 Feb 2020 03:28:20 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/assets/images/welcome/carousel/supplies-dotcom-cd.jpg

31.22.4.94

200 OK

31 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/carousel/supplies-dotcom-cd.jpg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 626x277, components 3\012- data
Size
31 kB (30560 bytes)
Hash
a76d83e05ffbe81e981895acd613cc4a
b3189833cca68101c04c07def30ab92236c6d562
f72d373a4d6a1aaca650409e56cbef2482a18c0c6525d8019651a51d65613342

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/carousel/supplies-dotcom-cd.jpg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/jpeg
Content-Length: 30560
Connection: keep-alive
Last-Modified: Thu, 13 Feb 2020 03:28:20 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/assets/images/welcome/featured/passport-woman-with-passport.jpg

31.22.4.94

200 OK

180 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/featured/passport-woman-with-passport.jpg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 670x450, components 3\012- data
Size
180 kB (180461 bytes)
Hash
3f7606d99366a99c3b1b779feb294764
f6932dcc1b834fe960ef28f142bcc5d2df8815a9
60bc22bb226818950a59f369c32355f285e93a679ee674fdcc7c906986640932

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/featured/passport-woman-with-passport.jpg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/jpeg
Content-Length: 180461
Connection: keep-alive
Last-Modified: Fri, 14 Jun 2019 00:02:14 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

uspsexpressways.com/assets/images/welcome/carousel/gifts-dotcom-cd.jpg

31.22.4.94

200 OK

45 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/welcome/carousel/gifts-dotcom-cd.jpg
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 626x277, components 3\012- data
Size
45 kB (45116 bytes)
Hash
792484ca150932c0b4e23907c12db830
fbadf89faa40e56b712fd4a3623a7783db8cf860
be190ecfb960f75984ad1bd18bc555256c5b6466a10534000b46428205db2c17

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/welcome/carousel/gifts-dotcom-cd.jpg HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/jpeg
Content-Length: 45116
Connection: keep-alive
Last-Modified: Thu, 13 Feb 2020 03:28:20 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 03 Jan 2023 13:34:56 GMT

push.services.mozilla.com/

52.34.4.233

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.34.4.233:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a+gvfPRhW7gtQbDIWMtnUQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eLySxsUwWbhhT15C3zW8F8wu61A=

www.usps.com/global-elements/lib/script/helpers.js

192.229.221.165

200 OK

358 B

URL HTTP/2
www.usps.com/global-elements/lib/script/helpers.js
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (695), with no line terminators
Size
358 B (358 bytes)
Hash
a94bd840611f82766bdd01435e0325d4
195b9eccc89fd504aaa416ecfc05b277e3b1862b
c9df217c213bc4a79f26f7996533f4e02e031f82d7f1b88ccdc0f39504573d46

HTTP Headers

GET /global-elements/lib/script/helpers.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 4681
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Sun, 04 Dec 2022 13:34:57 GMT
etag: "2b7-505dad4fe5380+gzip"
last-modified: Mon, 20 Oct 2014 13:38:38 GMT
server: ECAcc (dcb/7338)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 358
X-Firefox-Spdy: h2

www.usps.com/global-elements/lib/script/require-jquery.js

192.229.221.165

200 OK

74 B

URL HTTP/2
www.usps.com/global-elements/lib/script/require-jquery.js
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
ASCII text, with no line terminators
Size
74 B (74 bytes)
Hash
ea38e8196b75d9720bc3902d6d735130
165284464c58d7f213c1211f2c433873299e4527
cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9

HTTP Headers

GET /global-elements/lib/script/require-jquery.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 30484
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Sun, 04 Dec 2022 13:34:57 GMT
etag: "4a-5057c23aa4c00"
last-modified: Wed, 15 Oct 2014 20:40:16 GMT
nncoection: close
server: ECAcc (dcb/7F20)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 74
X-Firefox-Spdy: h2

uspsexpressways.com/assets/images/home/favicon.ico

31.22.4.94

200 OK

6.2 kB

URL HTTP/1.1
uspsexpressways.com/assets/images/home/favicon.ico
IP
31.22.4.94:0
ASN
#34119 Wildcard UK Limited

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
6.2 kB (6162 bytes)
Hash
32f123681f635c4d323a354ee7e505d6
3d3a4f5c0d8370a7231b3102e8c171b2b48252d1
041bf7a984241155993beef5e21d3bf9a332db5002bd3a8dd83cc5933a8185bc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
urlquery	phishing	Phishing - US Postal Service
openphish	United States Postal Service

HTTP Headers

GET /assets/images/home/favicon.ico HTTP/1.1
Host: uspsexpressways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uspsexpressways.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 13:34:56 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 07 Feb 2017 07:18:56 GMT
Cache-Control: max-age=2592000, public
Expires: Tue, 03 Jan 2023 13:34:56 GMT
Content-Encoding: gzip

www.usps.com/global-elements/lib/script/jquery/dist/jquery.min.js

192.229.221.165

200 OK

33 kB

URL HTTP/2
www.usps.com/global-elements/lib/script/jquery/dist/jquery.min.js
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (32086)
Size
33 kB (33326 bytes)
Hash
e3dbfd0916101405f394d5ce2ba4008d
ac3157ca2cfc8338508d35e789e200421732608d
37ca2e391ff177a51b7ca0f84e77a9485f1ebf63835d68149cf1b4e32f804927

HTTP Headers

GET /global-elements/lib/script/jquery/dist/jquery.min.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 5745
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Sun, 04 Dec 2022 13:34:57 GMT
etag: "176b1-504838ea5a300+gzip"
last-modified: Fri, 03 Oct 2014 12:06:04 GMT
nncoection: close
server: ECAcc (dcb/7ED4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 33326
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2771
Expires: Sun, 04 Dec 2022 14:21:09 GMT
Date: Sun, 04 Dec 2022 13:34:58 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2771
Expires: Sun, 04 Dec 2022 14:21:09 GMT
Date: Sun, 04 Dec 2022 13:34:58 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2771
Expires: Sun, 04 Dec 2022 14:21:09 GMT
Date: Sun, 04 Dec 2022 13:34:58 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2771
Expires: Sun, 04 Dec 2022 14:21:09 GMT
Date: Sun, 04 Dec 2022 13:34:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16143 bytes)
Hash
14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 22097
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4666 bytes)
Hash
c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 57057
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7728 bytes)
Hash
027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:02:47 GMT
age: 55931
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.usps.com/global-elements/lib/scriptindex.htmlresize-manager.js

192.229.221.165

404 Not Found

19 kB

URL HTTP/2
www.usps.com/global-elements/lib/scriptindex.htmlresize-manager.js
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
data
Size
19 kB (18568 bytes)
Hash
6a7cd9b9c573f220ee8de7fa67c6dae9
03e5c097241ba4cc8d831a27f3e2c21abd6d2e82
46be8894571057a6e1362d85c252a3d9b42c19fd7d9aab5fb68aab51c8832c92

HTTP Headers

GET /global-elements/lib/scriptindex.htmlresize-manager.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uspsexpressways.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
cache-control: private
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: text/html
date: Sun, 04 Dec 2022 13:34:58 GMT
server: USPS
set-cookie: TLTSID=9211d5688ae1162d9e0c00e0ed96ae55; path=/; domain=.USPS.com; Secure;
NSC_xxx-bcpvu-mc_443=ffffffff3b22363345525d5f4f58455e445a4a4212d3;path=/;secure;httponly
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7503 bytes)
Hash
c1a6f4805f59db44f9d3520d88701a58
6a0258e8c97ce09f1723382c8a16d9682b7dc50c
ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7503
x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZjCGkVIAMFpsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:16:07 GMT
age: 22731
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 56540
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations