Report - usps-1cl.pages.dev/

Report Overview

Submitted URL
usps-1cl.pages.dev/
IP
172.66.47.149
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-05 05:39:18
Access
public
Website Title
Verification | USPS®
Final URL
usps-1cl.pages.dev/
Tags
usps logistics phishing
urlquery detections
Phishing - US Postal Service

Detections

urlquery
32
Network Intrusion Detection
0
Threat Detection Systems
98

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cloudflareinsights.com	84344	2019-08-30	2020-10-23	2024-05-03	1.0 kB	1.4 kB	104.16.80.73
fast.fonts.net	2905	1999-03-03	2013-07-13	2024-05-04	474 B	849 B	104.16.40.28
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-05-04	422 B	20 kB	104.16.79.73
usps-1cl.pages.dev	unknown	unknown	No data	No data	22 kB	1.4 MB	172.66.44.107
www.usps.com	11794	1997-07-10	2012-05-24	2024-05-02	13 kB	83 kB	192.229.221.165

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service
2024-05-04	medium	usps-1cl.pages.dev/	United States Postal Service

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	usps-1cl.pages.dev/	271 B	2024-05-05	2024-05-05
Pretty URL usps-1cl.pages.dev/ IP 172.66.44.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 07:39:25 Last Seen2024-05-05 07:39:25 Times Seen1 Hash 253bd4c07933e73a9390e53d760d1370 3df2d835305546335c5644bcd615a8c3c6d14003 6459a6d14f05d5f23e3580cf4042600d30f3a1ac80f53d33a7249f3652dd5399 Loading...

	static.cloudflareinsights.com/beacon.min.js	19 kB	2024-04-24	2024-05-18
Pretty URL static.cloudflareinsights.com/beacon.min.js IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:56:41 Last Seen2024-05-18 17:30:23 Times Seen2449 Hash 4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192 Loading...

	usps-1cl.pages.dev/jquery.min.js	90 kB	2023-03-07	2024-05-18
Pretty URL usps-1cl.pages.dev/jquery.min.js IP 172.66.44.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-18 16:27:03 Times Seen274892 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	usps-1cl.pages.dev/megamenu-v3.js	13 kB	2023-03-07	2024-05-16
Pretty URL usps-1cl.pages.dev/megamenu-v3.js IP 172.66.44.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:02 Last Seen2024-05-16 18:16:24 Times Seen3037 Hash b62e27b15837b70e7dab99846ac90ab3 9a49415c5e47149a5324705eaf78b4b68ce10edf 50764694ee2da70f2d3ce0e8340eca39b9e2760d293b47e4355c690a4769e781 Loading...

	usps-1cl.pages.dev/bootstrap.min.js	59 kB	2023-03-07	2024-05-18
Pretty URL usps-1cl.pages.dev/bootstrap.min.js IP 172.66.44.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-05-18 15:49:39 Times Seen3480 Hash 259e416ef6833be43801b8b68a93b008 19080c3b817985336aab5e1ce6925c99803f2efd 70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce Loading...

	usps-1cl.pages.dev/	52 B	2023-03-09	2024-05-08
Pretty URL usps-1cl.pages.dev/ IP 172.66.44.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 03:17:55 Last Seen2024-05-08 18:00:24 Times Seen3523 Hash 15c41ab852d2f96d6caafceb1b2fdf54 b827d336116bf188232f345f750f1e3e9012082a 0a678cc287c455b4433d05ba311acfe1924f72eb77422b6f6759f24fd4dab953 Loading...

	usps-1cl.pages.dev/	244 B	2024-05-05	2024-05-05
Pretty URL usps-1cl.pages.dev/ IP 172.66.44.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 07:39:25 Last Seen2024-05-05 07:39:25 Times Seen1 Hash c696e814b6b1f3ae21c9b5b4827753eb d614090305314870d45c481f0ca0dd65f9060347 d7d722b3612a6ecba97ee242f941319303703537be1ee7ab7c06fa3a45477cb9 Loading...

		Size	First Seen	Last Seen
	#1 Write - 07811dc6c422334ce36a09ff5cd6fe71	4 B	2023-03-11	2024-05-18
Pretty Observations First Seen2023-03-11 11:15:57 Last Seen2024-05-18 17:44:48 Times Seen2388 Hash 07811dc6c422334ce36a09ff5cd6fe71 7e79a3af2634de6635e59c9404d251b3955d39f9 6557739a67283a8de383fc5c0997fbec7c5721a46f28f3235fc9607598d9016b Loading...

HTTP Transactions (80)

URL IP Response Size

usps-1cl.pages.dev/css

172.66.44.107

200 OK

13 kB

URL GET HTTP/3
usps-1cl.pages.dev/css
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
ASCII text
Size
13 kB (13320 bytes)
Hash
60f79f340fd2df08847a87949c0eb97f
195cd96af5b25ecf38258b6fb8bb58c4593d4eef
65a9ab83f88523ff5f3827df15ed9a0a91c1bb99d4e20d34b9a1d7c8442f05a5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /css HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: application/octet-stream
content-length: 13320
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9cdd78faca92615dbc795acd84e01ebc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y58MGBmtPkKxjDeh4m9c4zK2TPP3thk%2BqBe7s9wnc0ReyqwHAZHX72H8xEkNF7dFa5C4xW6aoUi0RYRU9%2BwBznK6pjnKp0DASHjglA0VqmBKPWn4oFdbjRoOKaoJwEwaIFJqxkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303dcbb5696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/go-now(3).png

172.66.44.107

200 OK

20 kB

URL GET HTTP/3
usps-1cl.pages.dev/go-now(3).png
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced
Size
20 kB (19969 bytes)
Hash
6311ef7a60f86d77aa48fcc48a675a31
96bc8b2fe87b126ffbf0d7b7ad8419661cb6bd9c
70d715475fb0a4756fc65c50cbb2cf0ca15f7311efc6c54b18e045e6ab202251

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /go-now(3).png HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/png
content-length: 19969
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "127774f46c6fe0a5be34e6ea0314b054"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYjn7m%2BuBWccGZzMiMB4wlJzS0lj9jbgOcHikFY%2F%2BX0o28QADMZW%2BJtwV%2FaK55chCARX8yQHmKUGNngq4AOb%2BT5Fr9EsZ5sTp1grDm9aSlrtD0BU7vmfp9g%2BEDipcIiXzpYPldE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63041d065696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/go-now(2).png

172.66.44.107

200 OK

20 kB

URL GET HTTP/3
usps-1cl.pages.dev/go-now(2).png
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
PNG image data, 195 x 167, 8-bit/color RGBA, non-interlaced
Size
20 kB (19481 bytes)
Hash
2de2fdd02c6b6d71e73e331544c6a5ee
83902e3bde44ba9f0a8aedf4b74ba34a4821ddea
e0e7dbe39381b4d75660b091499377fa1962dc194370b09470e9b80d19526f07

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /go-now(2).png HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/png
content-length: 19481
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "46d59a9adb259b56685fb86c2ff0877a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=50iMrkcRrzs2AYXRaJ4jcduaFzD1MLclAKWnWUGCFKexXddcBwrDUNDGAtMCcJAYw%2Fhc6DPF7B1zjGauEdlQk2EaRXOeomHtn1peVgHpWRZUxzs%2F43mT2jdgVH8574m3%2B12hO%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63041cff5696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/go-now.png

172.66.44.107

200 OK

20 kB

URL GET HTTP/3
usps-1cl.pages.dev/go-now.png
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced
Size
20 kB (20334 bytes)
Hash
d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /go-now.png HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/png
content-length: 20334
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b961eb6137bc8c31aa187fc29681a728"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PD0R3zytxrfE2lKkorjG47EWW0V5MQqxV2Zmb4L0m%2FN4ZliIDvVbVJrdMjkOft8C1tJMLLJyHnCu7Phv6NHmMz5tQ%2FsVNNpMA9PifB8oJ7TElR9wQgJxlveHv2SfW8yIOfQVhoM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63040cf95696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/go-now(1).png

172.66.44.107

200 OK

8.0 kB

URL GET HTTP/3
usps-1cl.pages.dev/go-now(1).png
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced
Size
8.0 kB (8026 bytes)
Hash
49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /go-now(1).png HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/png
content-length: 8026
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "24d52f2ac445eebf325bc0021f4c2edd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDRL099UxaAJdjsSy8TXKNLRgNa3xDVKJuVxP6Oqb6xuShU06XobPb7lKfgE0RIRLiiE%2FYPJEPrwK9%2B%2BsOwOnFGFDAeJHOteq5iPbyayKu5SdT5tutVm1rBYutcPWpKJW8xojyw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63040cfa5696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/go-now(4).png

172.66.44.107

200 OK

22 kB

URL GET HTTP/3
usps-1cl.pages.dev/go-now(4).png
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced
Size
22 kB (22133 bytes)
Hash
22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /go-now(4).png HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/png
content-length: 22133
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "6e603ded2d3673839edcc5577ca82270"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36T3akg241Guw%2BWSNKPghdOJrYSkO5u96MEhG3zdVwg401epPfyB8q354DG3p90KyEkMVdYQbTBNJJkGbO7%2Bb9v41pMPHADgvZ8qt%2BWW%2FIyhmt4zf2kTVq%2BJ74KScqiaJImL%2BVk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63042d145696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/social-facebook_1.png

172.66.44.107

200 OK

1.9 kB

URL GET HTTP/3
usps-1cl.pages.dev/social-facebook_1.png
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
1.9 kB (1873 bytes)
Hash
5d1fed200f7befa569074a293cf2abed
11bacbc9debe99986d9a6e974e9a819aaa74be29
9d0ef8aa34abec770b6a9fb4358842a29413d08c0d1e4b74f5c4c31ab477c14c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /social-facebook_1.png HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/png
content-length: 1873
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "bda31b9f2905aa787ce4a2e0f9644643"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L62Ap7shJ3Ke7fIZm8XQ7w2wYdymnkoT3QKGBwX3uAFGahkIbipoVrS5WV0j2IA%2FiYQ0JKdXcCrxApbnqYNim3Kd3Gs9o5OgCpFcYevgCKkbvkISMShf3QND7YlSiwzbgJfL0GY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63044d355696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/social-twitter_2.png

172.66.44.107

200 OK

1.8 kB

URL GET HTTP/3
usps-1cl.pages.dev/social-twitter_2.png
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
PNG image data, 50 x 48, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1842 bytes)
Hash
4f6b06552f2054fecb5a3ab3956d7a79
c1257b76200738ad53147be110920f84efd479b3
248385895aacd78d7a7b045cd5109103c2f849bbaef9cff5980d59823a620c91

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /social-twitter_2.png HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/png
content-length: 1842
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "4c4c80e2a945b5fc1e169307fe1f1160"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XalD6QOc1aAJGNO0rkCGZMbJ4ObyG8iUQnHmTABScI3twRkhjRjGWo2JtfvkW%2F24a1XE9F9%2FxVl%2BhrFnAianSQnjMfQBgcr3yRiAwG0Jr6sMcWHQd51k%2FSQtg%2F0zdhGlfbKCc90%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63047d5b5696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/social-youtube_3.png

172.66.44.107

200 OK

2.5 kB

URL GET HTTP/3
usps-1cl.pages.dev/social-youtube_3.png
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
PNG image data, 50 x 35, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2461 bytes)
Hash
e38ff6af4b8ff088fcb2dc92410b759b
529c88413dbc330fa05a0629b2084ca7931f453e
c2b609bbc0ed5b17740df6ab378bfcbe068e3b08d85e85b2d9dfbe6dd3c6be95

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /social-youtube_3.png HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/png
content-length: 2461
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "a99a8251090a480bc78212e551a52bf8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H2A3O1PwsreR9tJoDSj%2BREHLBLbzlqaC%2FDRU3s16So2Oego5fy%2BMjtXpO71rlCsbNanvitsC9Gy40eYkliOWnYz0sMYB8xG%2BlGAAtn1WZLHuEXox4WIvr0IMb7i0JdG4EUtPO8I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63047d5f5696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/social-pinterest_6.png

172.66.44.107

200 OK

2.3 kB

URL GET HTTP/3
usps-1cl.pages.dev/social-pinterest_6.png
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2325 bytes)
Hash
010bf7d7901ccaa3905cfe4b7c1cb50d
9c174f76a3ed50a173637d44793d6bc15a818112
67d664b844fdba0588665c6f1986b25fcb6d99e5122a455c36da8622f1eaab62

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /social-pinterest_6.png HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/png
content-length: 2325
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "fd2fa91cc34b2ce4030c158ab7dde4d9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qi1GvEffDeB1Q1N1vQCVSqt4QyXse2fbPjK4lOKCOxkFHGlD60jYurvq2%2FZusx7iNWIeAVPnrc7dlUHOb5YsRL4LuAyh5PcEIPlUVhGa%2BxieNk4CCQ7i3VT%2BgQsRi6j1b0mc0jA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63047d5e5696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/megamenu-v4.css

172.66.44.107

200 OK

7.3 kB

URL GET HTTP/3
usps-1cl.pages.dev/megamenu-v4.css
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
ASCII text, with very long lines (44445), with CRLF line terminators
Size
7.3 kB (7252 bytes)
Hash
31aa5c3ebef1bb2e79cd8dee20262845
fd9ceb609f4c60e0e8c5561cb933c84a85af12b7
65e09ec697225883fb227b54f59a2c421b5af7a3b4f557770ab15d8934ff44ce

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /megamenu-v4.css HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"689875afe59dfc8f379640132cf39244"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=csQwP7hCnFGu6pH%2BI7gKIQOUl7yeRphxkkKoNIOAjxmQVdkozK0DZA1JqR9TFoXMHl4dCDz0E4prq54RvmJq8mYEuzsMavIbLGaD2N9ABYiAf2cmB7sLovRgDqEBZ%2FoHpyfqqOQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63043d2f5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
XML 1.0 document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://usps-1cl.pages.dev/
Origin: https://usps-1cl.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 05 May 2024 05:38:52 GMT
server: ECAcc (ska/F779)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
XML 1.0 document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://usps-1cl.pages.dev/
Origin: https://usps-1cl.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 05 May 2024 05:38:52 GMT
server: ECAcc (ska/F7BB)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/find_zip.svg

192.229.221.165

200 OK

793 B

URL GET HTTP/2
www.usps.com/assets/images/home/find_zip.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
793 B (793 bytes)
Hash
e30aab66bad715f4fef4b6c42f8490d2
40be7a560b0687cf57c7ef0c0600ca08203a680c
aa6ff55c203834f667cbb01cedb0d409ff3b8f1b5a4de8c89a79b2e7034a8001

HTTP Headers

GET /assets/images/home/find_zip.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76595
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "5bf-5494e7ed94c00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:08 GMT
server: ECAcc (dce/26CF)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 793
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/calculate_price.svg

192.229.221.165

200 OK

772 B

URL GET HTTP/2
www.usps.com/assets/images/home/calculate_price.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
772 B (772 bytes)
Hash
6204f7fb48ef86964b4b1cce343ebdde
d60b7e47e22615fdea2a24e102200090b466b862
edbb6a59137018b9a8229184aac04a2661787564cdf4484229bee96d7c11e771

HTTP Headers

GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76034
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dce/26E1)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/location.svg

192.229.221.165

200 OK

1.2 kB

URL GET HTTP/2
www.usps.com/assets/images/home/location.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1209 bytes)
Hash
9b913bc84d41ec1c78da5889d36e1431
21b0075c9ec43a7ec769dde1d1ec8149b0686c0f
87d11356a8f76ef3af3c6d46bc4958cf3746e9a5b69e81d1df952b274319f539

HTTP Headers

GET /assets/images/home/location.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76699
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "a1a-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
nncoection: close
server: ECAcc (dce/2687)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1209
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/stamps.svg

192.229.221.165

200 OK

551 B

URL GET HTTP/2
www.usps.com/assets/images/home/stamps.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
551 B (551 bytes)
Hash
2e722b55bb31b83042310fbf5b45128d
cb6cd5c99c06ba8c04c7795dea4d13241eaaa045
0b68e5b64999ab2e6d137a1886410cc9e8bed0b3863aacd838a3eb008f2bb516

HTTP Headers

GET /assets/images/home/stamps.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76669
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "44f-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dce/26A6)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 551
X-Firefox-Spdy: h2

usps-1cl.pages.dev/2.css

172.66.44.107

200 OK

23 kB

URL GET HTTP/3
usps-1cl.pages.dev/2.css
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
ASCII text, with very long lines (43288)
Size
23 kB (22805 bytes)
Hash
4ee316fd51e5a78d53d5a0cea628e478
a83b38336bbfa7ab48cb0ef724e2eebd32d14b66
4f8624a1273b50e48a9cb7b9a37601888d16ce98021042e7173e1270375b1222

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /2.css HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a8fbe4d99777868cf30b0d01cc656f5d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6rplg5fdYmdhqUXAGgdRmpLIiuNj5BvOe2eaCiCLgSBr9RcVpj4xLqDeOgyzmiJhJUc5vD6CI8w8v8Pu96UPqY4ESH9qWKz5XU89lT6okvwakwHOwLruYUPaLywW4XCL8j%2F%2B2s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303ecd05696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.usps.com/assets/images/home/tracking.svg

192.229.221.165

200 OK

844 B

URL GET HTTP/2
www.usps.com/assets/images/home/tracking.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
844 B (844 bytes)
Hash
2fb7b372aea93502ca192e5a633d1aa1
ce358703cce32b2176cf6ec94e17341cb6f93f03
58ad849f3ea489d0b2ee4f0dd1e4fd0b613a5248fd6b127a4479646ce4735593

HTTP Headers

GET /assets/images/home/tracking.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76647
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "619-5494e7f71e280+gzip"
last-modified: Fri, 24 Feb 2017 22:46:18 GMT
server: ECAcc (dce/2689)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 844
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/schedule_pickup.svg

192.229.221.165

200 OK

923 B

URL GET HTTP/2
www.usps.com/assets/images/home/schedule_pickup.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
923 B (923 bytes)
Hash
d627861a77e755da093cae9b4db00b7b
fc5ac7d6bc6bf06f53b399848be232b35aa2c5b1
2a5e1fdc8e264327be71c3063cc6bf1dd8a618576310a5d26dc31ba8d6f83616

HTTP Headers

GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76680
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "6ef-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dce/2695)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 923
X-Firefox-Spdy: h2

usps-1cl.pages.dev/main-sb.css

172.66.44.107

200 OK

3.6 kB

URL GET HTTP/3
usps-1cl.pages.dev/main-sb.css
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
ASCII text, with very long lines (8795)
Size
3.6 kB (3626 bytes)
Hash
ff67eac943614ef903c2e84419a60f4c
565109b98747417724dafa5462a731c692178381
0863d2c590d46ad4b990232414eef23349ee4316ac4ccbf6f4618329539fb65a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /main-sb.css HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2a6d785d8bb28163d98231ac8cb3709a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNeikSF9zwth45Xc20Z4vjyG%2Buuwwz2CjpKzI9VYs%2F6wFVfxOoyjzanCxy3jyEC4UZseMU9tdqVT2j%2FiBiUbLalMMD0UJD9FJkKI%2FTzRl7%2FHMjs2cb2ydwqEE%2Fm%2FnMn1oE0iSRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303dcbe5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/bootstrap.min.js

172.66.44.107

200 OK

18 kB

URL GET HTTP/3
usps-1cl.pages.dev/bootstrap.min.js
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
JavaScript source, ASCII text, with very long lines (58940)
Size
18 kB (17944 bytes)
Hash
259e416ef6833be43801b8b68a93b008
19080c3b817985336aab5e1ce6925c99803f2efd
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /bootstrap.min.js HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"6eda9d187084150ce3b5d69e7a680c7b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qw7Xf0%2F%2FsOlbM8UVXDRiOjgL%2Fb7uPuSQwMN%2BFzqzzcSQnWiUcEYCKD%2BBlZa7uQwtBzk9UMFV16vo404Nb2Znq5ifuUjB8IKxg%2BFtQl7%2FX2y2a2VQy2%2FfeNH0WTYRFSjcO8RVWsU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303ecc55696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/logo-sb.svg

172.66.44.107

200 OK

2.7 kB

URL GET HTTP/3
usps-1cl.pages.dev/logo-sb.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
2.7 kB (2683 bytes)
Hash
0418f7120dc6cdd1d7aa0f8219ec9af2
3bb6c6edee3cc1c072117795611e2f67383cdc44
4b5aaf0dc8f59e71849219fae0a225aeb3914bebcc363753f22b5713627b0094

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /logo-sb.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7b88cbc299ec71cd953d9133f84518c8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nREB%2FWG%2F2CDCtnexVCcfBbXvsQGC0Pl9QfrPO2M5gTrnAXVkRslBhRlsimcBPsVk07mOhrllcx6qJijtND%2B3Jq7QX3Wi%2FecXQ5ieiN%2Frsw3Culyd1BLARtHtxU2qgsBCuxKr%2Fns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303ecd65696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/1.css

172.66.44.107

200 OK

36 kB

URL GET HTTP/3
usps-1cl.pages.dev/1.css
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
Unicode text, UTF-8 text, with very long lines (57908)
Size
36 kB (36228 bytes)
Hash
3cedb9d08fc26ca6e9f971e1e2d1a80a
afa0e7c3e0821f675d218a555da13f66c7f55761
701560b5adea4ee9765ff2bee9d79c3e62530040dbca9071927ea2b56e42e7b4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /1.css HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"1b741105c965d7e9541e1c1d4b98a895"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Po2T3v4535QSZaFUvUaxTcdBdibGifbCDDD3Sybdsc4%2BHDFfiDlkXpPVKxwHNcNZYjnvu73XlVxnEh82K8FDN6CeloE3ouTcwpcLnBdHy%2Bk6BYC4qNszHVRR3IHz96eymreUyQs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303ecca5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/3.css

172.66.44.107

200 OK

1.6 kB

URL GET HTTP/3
usps-1cl.pages.dev/3.css
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
ASCII text, with very long lines (930), with no line terminators
Size
1.6 kB (1644 bytes)
Hash
9d8f9ca804d1547304a4697a71854267
166749969830f5ef86e18e2dceec90aecae67a0b
d2fe6cb3e10b13a65b0c3569b4e617f16072bcbba3b7b537abe7dab999435d21

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /3.css HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"482f09cb417743eac1d864afb1ac76c7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PZi%2F0ynX8EHpxfvoimJf3sBZ9PdpIef3znzj0PwcoijqSrwv8%2Fa%2BOMWvZVOpaKLYuu8qvijqokIa6rRmkDvxk8OjzgeQiqrwnx1HG41wLQB6qj2oSt1dmiZds%2FsvJnPn1JFSsr0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303ecd55696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.usps.com/assets/images/home/featured_clicknship.svg

192.229.221.165

200 OK

493 B

URL GET HTTP/2
www.usps.com/assets/images/home/featured_clicknship.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
493 B (493 bytes)
Hash
375ed61778c1a49c8d1ea21f31748719
476785aa7126fbd9dcaa3bce84b57c3c120bd5a4
23edd9ac5dba678e1e5f97f2397a69d295e257c4a56e462c686557246081ffa2

HTTP Headers

GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76056
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dce/26C5)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/gifts.svg

192.229.221.165

200 OK

590 B

URL GET HTTP/2
www.usps.com/test/nav/images/gifts.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
590 B (590 bytes)
Hash
df6fcab6c4caf86e8a1401a4fc36f885
860352cea6899553cb4e7111097b35bd007c65e7
986ebc6c0f0c4b5bdb2513352dbbf3f501a36abd1dcd0c17a9c215efd95191a7

HTTP Headers

GET /test/nav/images/gifts.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76647
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "3ee-560f10e9b5900+gzip"
last-modified: Fri, 22 Dec 2017 17:22:12 GMT
server: ECAcc (dce/26E0)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 590
X-Firefox-Spdy: h2

www.usps.com/global-elements/header/images/utility-header/mailman.svg

192.229.221.165

200 OK

904 B

URL GET HTTP/2
www.usps.com/global-elements/header/images/utility-header/mailman.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
904 B (904 bytes)
Hash
1426a5796b4337302ee498d4a9265b38
c3b2b8042eb536d43101c5281d5aae8244d1e0e1
87f26b59587d5549f99b77e77519bf17b625c6a693931f54f62accac834e6ff1

HTTP Headers

GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76630
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "723-55885af730a40+gzip"
last-modified: Wed, 06 Sep 2017 13:54:41 GMT
server: ECAcc (dce/268C)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 904
X-Firefox-Spdy: h2

www.usps.com/global-elements/header/images/utility-header/search.svg

192.229.221.165

200 OK

795 B

URL GET HTTP/2
www.usps.com/global-elements/header/images/utility-header/search.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
795 B (795 bytes)
Hash
ace472e478185d5f5ecd18c7d821eff7
c4c97892e41d3dd838912c42fd7a7b212f671d1b
c8b13b10e28b6b420151db578831a416b7c1805d7672eeb57e69dc697fda1e27

HTTP Headers

GET /global-elements/header/images/utility-header/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76017
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "5b9-549b126599f40+gzip"
last-modified: Wed, 01 Mar 2017 20:28:05 GMT
server: ECAcc (dce/2688)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/utility_customer_service.png

192.229.221.165

200 OK

1.3 kB

URL GET HTTP/2
www.usps.com/assets/images/home/utility_customer_service.png
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1307 bytes)
Hash
3500d365cd94527c71fe9c70d5cda435
0c7bede628d74cefaf5fce1b675c0ce3c72c78c9
34b28a24c5414dab68a15be6613536d905faf33fbf1aed8ee4702caa60be9bca

HTTP Headers

GET /assets/images/home/utility_customer_service.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 76685
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sun, 05 May 2024 05:38:52 GMT
etag: "51b-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dce/2695)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1307
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/utility_languages.png

192.229.221.165

200 OK

1.5 kB

URL GET HTTP/2
www.usps.com/assets/images/home/utility_languages.png
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1456 bytes)
Hash
410956805d5701e87299cff412827e1a
5de9a390649dfc12e3d6df431140d499ad8abd67
6e727dbf5b0f4a3ec76762e445ad2c5cb750f7de41afb8b0342f903124d09826

HTTP Headers

GET /assets/images/home/utility_languages.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 76008
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sun, 05 May 2024 05:38:52 GMT
etag: "5b0-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dce/26AC)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1456
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/collectors.svg

192.229.221.165

200 OK

561 B

URL GET HTTP/2
www.usps.com/test/nav/images/collectors.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
561 B (561 bytes)
Hash
9105cfa1479096038365d18beb23cb1f
648c5b01118cf059eede56d9dae1713ab26d965c
b2728704f99e68b8edfa2b8efcb1f40e77d3abd5f6f04388c9a09232b1711043

HTTP Headers

GET /test/nav/images/collectors.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76647
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "461-560f10f803ac0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:27 GMT
server: ECAcc (dce/26C9)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 561
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/business.svg

192.229.221.165

200 OK

689 B

URL GET HTTP/2
www.usps.com/test/nav/images/business.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
689 B (689 bytes)
Hash
0d366834f312798111ebe3990766f8f4
e3ce708bf0b0b1924156674aca900898d407331c
da2e0f69eb8ea4aa9ffe45c2ad6d330eb7922e0e14f8aaca4e577be0fb8b4bea

HTTP Headers

GET /test/nav/images/business.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76640
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "4d2-560f10e7cd480+gzip"
last-modified: Fri, 22 Dec 2017 17:22:10 GMT
server: ECAcc (dce/268F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 689
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
XML 1.0 document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
Origin: https://usps-1cl.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 05 May 2024 05:38:53 GMT
server: ECAcc (ska/F747)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
XML 1.0 document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
Origin: https://usps-1cl.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 05 May 2024 05:38:53 GMT
server: ECAcc (ska/F6BE)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
XML 1.0 document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://usps-1cl.pages.dev/
Origin: https://usps-1cl.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 05 May 2024 05:38:53 GMT
server: ECAcc (ska/F7B7)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf

192.229.221.165

403 Forbidden

345 B

URL GET HTTP/2
www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
XML 1.0 document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
Origin: https://usps-1cl.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sun, 05 May 2024 05:38:53 GMT
server: ECAcc (ska/F6EC)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

cloudflareinsights.com/cdn-cgi/rum

104.16.80.73

204 No Content

0 B

URL POST HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
content-type: application/json
Content-Length: 1020
Origin: https://usps-1cl.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 05 May 2024 05:38:53 GMT
access-control-allow-origin: https://usps-1cl.pages.dev
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87ee630a8eb4b51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/favicon.ico

192.229.221.165

200 OK

32 kB

URL GET HTTP/2
www.usps.com/assets/images/home/favicon.ico
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
32 kB (32038 bytes)
Hash
3f0f72ed57a54b97cda500bcf0545efb
2f252619c18e729d98e16b96d37cd7cd567b38eb
67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943

HTTP Headers

GET /assets/images/home/favicon.ico HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 76646
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/x-icon
date: Sun, 05 May 2024 05:38:53 GMT
etag: "7d26-547e0aa1fa400"
last-modified: Mon, 06 Feb 2017 18:18:56 GMT
server: ECAcc (dce/2687)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 32038
X-Firefox-Spdy: h2

cloudflareinsights.com/cdn-cgi/rum

104.16.80.73

204 No Content

523 B

URL POST HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
gzip compressed data, from Unix
Size
523 B (523 bytes)
Hash
d3971e5874b7ad3785ceaebaff9d0919
f52722543043260ac2be61492cd948aee3315169
e81f642a3b7d51bb1e9480a4bf978615b2617d913810a6eb60f611ac16f689e4

HTTP Headers

OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://usps-1cl.pages.dev/
Origin: https://usps-1cl.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 05:38:53 GMT
content-type: text/plain
access-control-allow-origin: https://usps-1cl.pages.dev
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87ee630a8eafb51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

usps-1cl.pages.dev/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.ce2acce0.woff

172.66.44.107

200 OK

68 kB

URL GET HTTP/3
usps-1cl.pages.dev/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.ce2acce0.woff
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (14240)
Size
68 kB (68281 bytes)
Hash
e53fd19b55fe9394fba42190fed0f68d
1b62f5d5a796b06f15ea988157dc49f1e6e69bb6
33b89feb14ef1c7adb0b8914db6d308fa824a8cfae9788299d6a68fada48a7ad

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /fonts/5b4a262e-3342-44e2-8ad7-719998a68134.ce2acce0.woff HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://usps-1cl.pages.dev/2.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJ4oxSDGDKFL6vjnBX0i1pUxOe3fH9vr5W7ZmZBwwMh4MCO6TTcfar24FrN9XiX0hAiHl%2BCe%2BvHSnguHaotC620ooF4rDYs%2Fbd6%2FZtHLeCG3uiG2Hfy%2BFlnNBB3lAh3dIXCypb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6307af405696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.d35537ad.woff

172.66.44.107

200 OK

76 kB

URL GET HTTP/3
usps-1cl.pages.dev/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.d35537ad.woff
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (14240)
Size
76 kB (75628 bytes)
Hash
82a10f8637d77171795adedd1191ceb7
6df34435f527db6062293601c640f014a2349a4f
a019b00f299e339bdc6d07185458cca60dba081fa87f475d6d3efade8508f047

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.d35537ad.woff HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://usps-1cl.pages.dev/2.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z6CBL84V8HTxSoUjmC3Hw0UvN4DOkAa95S%2BYGRChVVDOwXTkO2pfQTo9ZjK6HUMIbPfZoNmzOCJXmwBXjdZiYXNECQOVVjrnTv6FSNcA3Zof7phRN6zHd2NHkO8qFpfcrr6z27s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63073eee5696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/schedule_pickup.svg

172.66.44.107

200 OK

1.8 kB

URL GET HTTP/3
usps-1cl.pages.dev/schedule_pickup.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1775 bytes)
Hash
c523f85f9a06acc80cd618f10c18063a
d385730a45e237ac82907718aa3c7d78f2dd74b2
7ea8f48894b1b43539d09fa9328a76470d7642525b20477bd5c43105f7baaf86

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /schedule_pickup.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"8096cba01b24abb183bb1197422fce68"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ifOu4Qzut3ZaYPs6hBxKmuyNsZSExZzP4Q6%2BOmPSoqRNUK5mQGOShhudWrEp%2BSdrJxCOTdb%2BWMM94UJnpcl5wWTv5yCDl1qq6PHOMLjkTLzn06r%2FD8PZ%2FYSW65t6oLObU8z7ynE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303fcea5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/change_address.svg

172.66.44.107

200 OK

1.9 kB

URL GET HTTP/3
usps-1cl.pages.dev/change_address.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1869 bytes)
Hash
ba4d97e788e337701dae39405dc2f442
7e0d950d83c7e7eb6102ee1b5175b1db8ce56551
38ff1ba4f58c85e428e833b6bfa50ce3ddba6b350b3aa68779325f1afaa13b5c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /change_address.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f0cc254464b7b134a50c3dfde3e418e4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xSIThVSEKBCmHX2CMIUREsPbfZGd0sLCe%2Fl%2BxWNlrB5nz0n60hMVLz%2Bo6lNQmbrlazEFVoN6MYyKT1gr%2B8fxgH2QQcxd1gV%2FnzZCmnqAiwzYw8yBjK44bxzkSStIvyQZ8oOTnhg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63040cf15696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/location.svg

172.66.44.107

200 OK

2.6 kB

URL GET HTTP/3
usps-1cl.pages.dev/location.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
2.6 kB (2586 bytes)
Hash
2b06f7a382ea90d910403786f60f9d81
9f10825ebeb9516e451a6077b1d0049a352b48e3
a0e33a0b87e479cf85c9df62303b3952357a0645e6c7c36627a43fccaafad182

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /location.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"41af342ea1a59edbbdbdc0c7c7a83d37"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISdTrRrT2vENt5RNTCgMs9GPy67x0ggOGZ1DTBdlQETf3JjG5%2FZQ3PtLJZEotk1MCBQXJbCDMRv0dEgfOLHfGFMmE67rgaBbIM0iA2QseARJ2QHea55GnPicb4gQt6fFWwH2T0Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303fce85696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/global-elements/footer/images/footer-logo.png

172.66.44.107

200 OK

68 kB

URL GET HTTP/3
usps-1cl.pages.dev/global-elements/footer/images/footer-logo.png
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type

Size
68 kB (67778 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /global-elements/footer/images/footer-logo.png HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/footer-sb.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9K5BQY11JvD9KmlslA4%2Bda6jNk%2BYOs8KtcbymlHF70MN5qX%2FkHWogdHQDtXf2IZhTnf8f5%2FTsNAP0LaQMJQ8eWJnNO359qMII8OiKPQTQ2NojKKO5LZQEtA91RNkVi5ndCG8Vi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6307af3e5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/hamburger.svg

172.66.44.107

200 OK

546 B

URL GET HTTP/3
usps-1cl.pages.dev/hamburger.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
546 B (546 bytes)
Hash
877d4644f0a505bf30be77169524e441
d85faf0831fb39673ad3733ad6ecf1d8bac778cd
2336a119dddc7aa4b6d54a4ecd251f5a30cf0572816db55b92e9f0b43ee63ecf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /hamburger.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"68257fe8de35f01f6d78a9dc8fa9e2a9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ouqLHN9PNChjjz3JILe%2FsFnrNmYybVXUbHOFPxAebdBE8BWcdYJMFCW9zyX%2BEDs8bfj9%2FqrkODH0JB%2Fn%2FbKw3atGVEfTUWzUu6Gu5uoEbqO%2BSMezwQI1Kq%2F3AK1H0QrNGEFmQas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303ecd75696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/calculate_price.svg

172.66.44.107

200 OK

2.3 kB

URL GET HTTP/3
usps-1cl.pages.dev/calculate_price.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
2.3 kB (2302 bytes)
Hash
431fb89252e46304ea7f6f956146f2b7
bd1018ec7dfa59258d8b81a2f914291ede34f27f
be94cb1ae2d86c4a1e0b79e6dcea5decd7f5ab1e96e171946de72117094b13a1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /calculate_price.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"34047a3cf96dd32c1cb88715628eff67"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GZ%2FGesQD9FkaQE8jqGEnLisOErUpE8YrE4eNqjpf7vzaCF54Dhn27LEMzp0IZ8gPegbGTgB9LzEmVbA%2B0%2BPQrty8TO8%2BuV5Hbvhs5ClR%2B5pc5unqwVDICqwYlAvzwQxAtB5vsnw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303fceb5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0

104.16.40.28

200 OK

0 B

URL GET HTTP/2
fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
IP
104.16.40.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectfonts.net
Fingerprint40:BB:71:39:9B:62:CA:2E:30:5E:D3:A9:33:D6:69:83:D8:1F:D0:57
ValidityThu, 04 Apr 2024 03:21:50 GMT - Wed, 03 Jul 2024 03:21:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: ki65sQC1HlYAvAwzpIlg68BKJDoZiZ/BwbN/hDH5RUfm7vMSBZqfat1D29ePjiEs20YJy+049dY=
x-amz-request-id: 4MWDSXH8MPCQQMJM
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 297508
accept-ranges: bytes
set-cookie: __cf_bm=brszK7EL55Kz4DhDRYFsB5TZ4tX_QSp..9P5Et.hS2w-1714887532-1.0.1.1-agkhpZPm5Cv8ceSYO8CyDH2KMjrppdZx1Vp8eDYdnH40dEab2FWH_q72PJ2pYCPGbJN7aIpS8qyCTA8s8M51MQ; path=/; expires=Sun, 05-May-24 06:08:52 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee630629f192d3-CPH
X-Firefox-Spdy: h2

usps-1cl.pages.dev/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.76e09978.ttf

172.66.44.107

200 OK

68 kB

URL GET HTTP/3
usps-1cl.pages.dev/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.76e09978.ttf
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type

Size
68 kB (67778 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.76e09978.ttf HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/2.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XfXpdPHbNEoqeBuRnKPNuvJcllg%2F%2FyHD%2ByAmAzJRqKla1U9FfK56TMmn0X2iG0TpO%2BH%2FdC4G8WXOAC9UWlQauNKnuhrBGIqCPk%2FP3BC2wu%2FgoPLmwGClW3QR%2Bee1Vsoul759xUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6307af445696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/jquery.min.js

172.66.44.107

200 OK

90 kB

URL GET HTTP/3
usps-1cl.pages.dev/jquery.min.js
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /jquery.min.js HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"29c4e63801623c5ad6a13313b0cd8d2c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Md0kH4ctl7vDfvw%2BDBBvqp711Alg9xXt7gjdUcIpDJ7g1VqrG5Pxh8JakeiZwxb3j3S77vDNhCpMgkrzLUOhdoSzWgxQA6o5BAM2Cn4tQifLd4jGzYjYs8UJaDy7QTM4471OhY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303ecbf5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.cloudflareinsights.com/beacon.min.js

104.16.79.73

200 OK

19 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
JavaScript source, ASCII text, with very long lines (19189), with no line terminators
Size
19 kB (19189 bytes)
Hash
4c980ee97cb5c001b4d19e2895fa5603
2c6fe998aa7486c4becd74cf253bdd82666a64c3
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

HTTP Headers

GET /beacon.min.js HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63049d4ab527-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/change_address.svg

192.229.221.165

200 OK

1.9 kB

URL GET HTTP/2
www.usps.com/assets/images/home/change_address.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1869 bytes)
Hash
ba4d97e788e337701dae39405dc2f442
7e0d950d83c7e7eb6102ee1b5175b1db8ce56551
38ff1ba4f58c85e428e833b6bfa50ce3ddba6b350b3aa68779325f1afaa13b5c

HTTP Headers

GET /assets/images/home/change_address.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76647
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "74d-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dce/26E4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 935
X-Firefox-Spdy: h2

usps-1cl.pages.dev/find_zip.svg

172.66.44.107

200 OK

1.5 kB

URL GET HTTP/3
usps-1cl.pages.dev/find_zip.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1471 bytes)
Hash
947f73db1be85b62c0a78fd947ea8f48
4b7cdd980fc356f9afc040ceaa1e4eff64eccdb6
65633c2f9e1f520fcb432d8f51929e8d0872964d876ff9d19e882af7eada0166

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /find_zip.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4afeb29bd1d3f3acca338b0e24e4330a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=teJvpYVJb3uSTBDGmpHNKg1MS53mEWvTw0XaEWo7q6P34QEWFhO9sFP%2BTksnHdDXYr35FasCmVbDUFM6p%2B%2BFQfpstlNqypILor9gjeb2UM%2BkdST6VwXt%2FhKsqmL9u1%2FrwbItkgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303fcee5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/mailman.svg

172.66.44.107

200 OK

1.8 kB

URL GET HTTP/3
usps-1cl.pages.dev/mailman.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1827 bytes)
Hash
7e63b1510cfe1e7b2e2c00dbe7b48f49
7b13f782d0ea7d101e612cab914da1574180fa76
3bfb113a66658cfbfb3238b0210f43d4e564d7fce174ee72f3ab8d3b8b3cff41

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /mailman.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"1e87147e306dc04d3f53da5ff627cb47"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gOxeyLVx%2BbD5gK6odjbpUMBKCg1gW6cOsFFKifmyfruiZjZQ9%2B37xNtW8VRMQ3zoWgS0JZF5EtzgJF2honWLRlWIy182c6Xf4RtsYZZ7no91K7b3oXueg%2BDiRpxDP%2B9baC4uBAo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303fce65696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.usps.com/test/nav/images/cards-and-envelopes.svg

192.229.221.165

200 OK

2.2 kB

URL GET HTTP/2
www.usps.com/test/nav/images/cards-and-envelopes.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.2 kB (2217 bytes)
Hash
6088261f72b5ce3642b5cec0eb113793
d132c9f520c2a5b4a724c5ecb2e8fc4f4f45fa07
2a7560f8b14ba4d21e129f29758c750aca7787cff99c49c1c05c389d22a15457

HTTP Headers

GET /test/nav/images/cards-and-envelopes.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76115
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "8a9-560f10e8c16c0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:11 GMT
server: ECAcc (dce/26DF)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1056
X-Firefox-Spdy: h2

usps-1cl.pages.dev/po_box.svg

172.66.44.107

200 OK

1.6 kB

URL GET HTTP/3
usps-1cl.pages.dev/po_box.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1639 bytes)
Hash
2cc2a9cd603e3badb3f767a4a4728f5c
40f414f0ff209023650ca7014ec2a57939229d1d
e60ecbbbdfaf3944b4ec3ffdb090954b0ede6607da1cdbf9fb7d2963fdee61b6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /po_box.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"77c1939854249e106d2a03ec8e581322"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2%2FtoG0wKEXczQ%2F9O8YKhwkN90kLahrc6GrWTL3gt%2FPY0%2FoqjUOmjzZMbzeQQCfHYCZYRYlu7IrZngm4C0oaaWfnYaCcuJkRvhnONcwHW6qAXplNvD2be9BLp17wVk0ocHqxVkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63040cf25696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/featured_clicknship.svg

172.66.44.107

200 OK

1.1 kB

URL GET HTTP/3
usps-1cl.pages.dev/featured_clicknship.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1078 bytes)
Hash
4eaba35653e775df78f96942d040dcc3
f5fd90e8f32041520795f0c82a1652124a02f93c
08f3c04fe589387977fca30dc02a87bf42ce3c066fc28c1071be412aaf9cf852

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /featured_clicknship.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"bfd53f6148f6ecf97e915e3304f91f93"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dSOmA04T4qZ%2FePwxH9%2FHKs0Eo1ivBjCvE0UkjV9pb0nQnmBPMGMLy72tezbXFRwrK0rbgP%2FZ75RVfiFoK%2FKzKb1yffXCEoYT7ILovRn8R1fqfdnXLWZ7syAJyY3oNh5a%2BqjCKgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63040cf65696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.usps.com/assets/images/home/search.svg

192.229.221.165

200 OK

1.5 kB

URL GET HTTP/2
www.usps.com/assets/images/home/search.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1465 bytes)
Hash
72686f982dfebbd9157958b01f2ce9e6
525eb380721cdc53b170b7ed00d9a87f6ab71167
92f4f127afbc23dba0b9a8edd2b7baf572c6f2abec350a4d992e372b000e674c

HTTP Headers

GET /assets/images/home/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76044
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "5b9-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dce/26EA)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2

usps-1cl.pages.dev/stamps.svg

172.66.44.107

200 OK

1.1 kB

URL GET HTTP/3
usps-1cl.pages.dev/stamps.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1103 bytes)
Hash
aa929e4b4109978bc993e27357aae805
90fa6376d480e4b223c10365a264147417064271
2734c778268298b5302a62fb13085c40eff83b394ccfcfbc0bc70918589f45f7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /stamps.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"e9b251dbcdbedfe173c0b77c7f4d209e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=51RlRWTV%2BPNa462fRnRfXCIyPC%2FPh3qbN5Exv2tweyH0eWQC9l6WWV1%2FR7NwBVlEY9%2BkN84x2OX%2Bn2T4iZQLx7xgjW%2BYKmTQCHhiz2zRN6SEDTJ6iCV9z7fC2l9QuJt9fdSuYqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303fce95696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/tracking.svg

172.66.44.107

200 OK

1.6 kB

URL GET HTTP/3
usps-1cl.pages.dev/tracking.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1561 bytes)
Hash
51e3139d76e5dc032ee585cca0dc7fa3
25f66b3ef42009851954f22e6d6f4904f506c0b8
dfd96cdbd5e0b4bd7f31c68d620874a37ec2c3f4e5d2716d7227057d2e66d264

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /tracking.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"08ff063563006baa42f75845a976bf8e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QsIvzlluaI9yEfDIeVcxbgz3uhb%2BnCDxn%2BMF63CllCFwo3XTWkcBmgmiuRDKqSuwJUM2ypH2LtClw7uv7vBVohNLb%2BBHAOaJLhly5RuAcH%2B0n3RHU5IGT8DJKZ7wMM295iNJH6U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303fce25696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/global-elements/header/images/utility-header/mailman.svg

172.66.44.107

200 OK

68 kB

URL GET HTTP/3
usps-1cl.pages.dev/global-elements/header/images/utility-header/mailman.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type

Size
68 kB (67778 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/megamenu-v4.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHw06AiS5SaQhQBIy2Jt5%2BVOjImhFwA6lLZc0Nzc8kMccmK9iW6mZvabifyO%2FILqxGmyjnMxdb%2FdIk37LIMo%2BrGmIV8opQC8BsbMY8%2BCrSQb5VowKVYEyn7Psv2KEhVBiKtkXuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6306fec85696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/global-elements/header/images/schedule-redelivery.svg

172.66.44.107

200 OK

68 kB

URL GET HTTP/3
usps-1cl.pages.dev/global-elements/header/images/schedule-redelivery.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type

Size
68 kB (67778 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /global-elements/header/images/schedule-redelivery.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/megamenu-v4.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opo0j1rlvcW%2BawyldX5ANSpIqXimksEGwlsjcGFH9SqpACtVZsBes3NWUjYbH24%2F9b%2BrL3DvUV%2B2kaqxV7vWULSy9zayY8TuFgc5DexHV5NcdOn9Y1yCAoLlGiBz8sf7yLWnZYU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6306fece5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.usps.com/assets/images/home/po_box.svg

192.229.221.165

200 OK

1.6 kB

URL GET HTTP/2
www.usps.com/assets/images/home/po_box.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1639 bytes)
Hash
2cc2a9cd603e3badb3f767a4a4728f5c
40f414f0ff209023650ca7014ec2a57939229d1d
e60ecbbbdfaf3944b4ec3ffdb090954b0ede6607da1cdbf9fb7d2963fdee61b6

HTTP Headers

GET /assets/images/home/po_box.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76636
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "667-5494e7f259740+gzip"
last-modified: Fri, 24 Feb 2017 22:46:13 GMT
server: ECAcc (dce/26C8)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 848
X-Firefox-Spdy: h2

usps-1cl.pages.dev/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.4ae8231a.woff

172.66.44.107

200 OK

68 kB

URL GET HTTP/3
usps-1cl.pages.dev/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.4ae8231a.woff
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type

Size
68 kB (67778 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.4ae8231a.woff HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://usps-1cl.pages.dev/2.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GrFb78yrF%2FoMdhQyM%2FIVR0y6y%2BMyDhlpCCghRI%2BLVaN4stpIBesyvbE%2B5WhOdxsxRm0rBFI%2BpPzKIjieflM%2B56iRcVFSP5XTw9gotN3f2J8cLFTN3Cm%2B5TmBX7Q%2FBAm0JqFQjTQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63072ee75696-OSL
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/search.svg

172.66.44.107

200 OK

1.5 kB

URL GET HTTP/3
usps-1cl.pages.dev/search.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1465 bytes)
Hash
72686f982dfebbd9157958b01f2ce9e6
525eb380721cdc53b170b7ed00d9a87f6ab71167
92f4f127afbc23dba0b9a8edd2b7baf572c6f2abec350a4d992e372b000e674c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /search.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"065319b850c9691d22616897e3e8a178"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0VtnqTV8yDhe9RCEG4Q8E7VbSFkpDKL595uuMNwCVIg%2BDa4GlJ1WWGX%2FcjkGOENgyEShFjDFbnjItLcUMW1N4ygmS7j9pPKaH3X6OY%2Fz27qyuVQZEOFyyaHxAUvGHtRr%2F7C%2BcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303fcde5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/global-elements/header/images/package-intercept.svg

172.66.44.107

200 OK

68 kB

URL GET HTTP/3
usps-1cl.pages.dev/global-elements/header/images/package-intercept.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type

Size
68 kB (67778 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /global-elements/header/images/package-intercept.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/megamenu-v4.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUIqkxgMnHxHbTkIqmURkbqvSZowkslm4fpE3keFMCxtSbpvep8jBevDdryWL158hcXoDZY211XU4NVqZ1HYIv2wcRkpOGJbyF5XvCG1IP7a4CMzgugdBRnNg8LXlUR8K4JiYeg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6306fecb5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.usps.com/assets/images/home/holdmail.svg

192.229.221.165

200 OK

1.4 kB

URL GET HTTP/2
www.usps.com/assets/images/home/holdmail.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1448 bytes)
Hash
798a735992c99ecdc76454f1c093261a
89058df9342a184b64cdff41a11798ba07628829
cd9c59aa1822c5bf50b3250455ca1d6a7aceded7ad9d92c1e5072367384c1652

HTTP Headers

GET /assets/images/home/holdmail.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76691
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "5a8-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dce/26D6)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 768
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/shipping-supplies.svg

192.229.221.165

200 OK

2.6 kB

URL GET HTTP/2
www.usps.com/test/nav/images/shipping-supplies.svg
IP
192.229.221.165:443
ASN
#15133 EDGECAST

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerDigiCert Inc
Subject*.usps.com
Fingerprint89:34:8F:E5:07:0E:C0:73:96:2D:78:82:D6:7B:BC:D3:C1:AB:60:39
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.6 kB (2552 bytes)
Hash
ab67d7e569a64be0744cb3d179612d50
65e256ede2d7bc4297f7497f4430182c04b627e9
b3b380736b4280b27e829b17a7fb722f88c100d77bea94909c9b110e2a4a691e

HTTP Headers

GET /test/nav/images/shipping-supplies.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76063
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sun, 05 May 2024 05:38:52 GMT
etag: "9f8-560f10eaa9b40+gzip"
last-modified: Fri, 22 Dec 2017 17:22:13 GMT
server: ECAcc (dce/26B0)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1282
X-Firefox-Spdy: h2

usps-1cl.pages.dev/global-elements/header/images/icon-personalize-stamped-envelopes.svg

172.66.44.107

200 OK

68 kB

URL GET HTTP/3
usps-1cl.pages.dev/global-elements/header/images/icon-personalize-stamped-envelopes.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type

Size
68 kB (67778 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /global-elements/header/images/icon-personalize-stamped-envelopes.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/megamenu-v4.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=agfSmkqdVv9VboG4AYE1apcJh20vrpGx1Nw5Zeoyhqmdhr2NcdDVoUT4TNoSejMjqLtgvfOTDVqUxDQUvfGw2o4y%2FLC66vGv0v%2BLwTa9WO4wa9LQcwghfgWUHTvCQOhs4k0luiQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63070ed65696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/megamenu-v3.js

172.66.44.107

200 OK

13 kB

URL GET HTTP/3
usps-1cl.pages.dev/megamenu-v3.js
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
JavaScript source, ASCII text, with very long lines (13400), with no line terminators
Size
13 kB (13400 bytes)
Hash
b62e27b15837b70e7dab99846ac90ab3
9a49415c5e47149a5324705eaf78b4b68ce10edf
50764694ee2da70f2d3ce0e8340eca39b9e2760d293b47e4355c690a4769e781

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /megamenu-v3.js HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"129dd6898f8ece808e780458ea1eac93"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKol5UN%2BRXBPm%2F9h7JO6h6nMokOe4m8IVUjatRX3dk2SHZHhs%2BNU2gH1pHcw8Ko%2BkWW%2Be0xEJsU1kpFobdWU1X2kuueAgN72cShEsoLiCj6K6xd6kdiswV%2BYCQlRDRDgOcovlmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303ecc35696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/bootstrap.min.css

172.66.44.107

200 OK

164 kB

URL GET HTTP/3
usps-1cl.pages.dev/bootstrap.min.css
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type

Size
164 kB (163873 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /bootstrap.min.css HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7d6543e645802865b81ee632b87ff766"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GpdGb6rLE8NyPnDKlo8OK8Vc5YzTOlEPZtOAhSLluBPeN6Gb7O%2BQIbW%2BWHEjImqPH2xytGXhU1RK1BiSd%2BuzTcOVDs1%2BxueS0M9RAlOmqADpMp9lhfPQOU15XKPolFFHWkiGnWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303dcbc5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/logo_mobile.svg

172.66.44.107

200 OK

2.1 kB

URL GET HTTP/3
usps-1cl.pages.dev/logo_mobile.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
2.1 kB (2060 bytes)
Hash
e2168d4dc7567ef926b7623237981a82
e316de76563718e76dca3496358cd6364e283f94
bea15c662f2670c57110879e989f6312ce35fe454a22a7b46b2b63e908337784

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /logo_mobile.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"d92080c2dbf20d448867604f136e9ef7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuNt%2FyButcglrnku3QhhF75HTfBTHRjjB14nHkSKXXScX8emp8U87uYtn0W9CNprWVp8yGW2RKrGTmgoWQC8%2BFt5Jok5xFfZxpwHmSFbu8bVCU0CQSawPETbBT4h5OmpZpMCs40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6303ecda5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/holdmail.svg

172.66.44.107

200 OK

1.4 kB

URL GET HTTP/3
usps-1cl.pages.dev/holdmail.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1448 bytes)
Hash
798a735992c99ecdc76454f1c093261a
89058df9342a184b64cdff41a11798ba07628829
cd9c59aa1822c5bf50b3250455ca1d6a7aceded7ad9d92c1e5072367384c1652

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /holdmail.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3fd14111ad8ad6413542913d86680c76"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gpd9V6nfjz8n9fJO4eu%2BwqtKTo%2BKSCJoJwq03PXW3eioFJRC2EatOv10kf%2Fs7PEUr3v6fYJKer6Qduu4uAdITjQ02QpM1Xp4dit2Kea7wv32ZS%2B7cvFMC6hx%2Bf2e3lPutD6eG%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63040cf05696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/free_boxes.svg

172.66.44.107

200 OK

1.1 kB

URL GET HTTP/3
usps-1cl.pages.dev/free_boxes.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1066 bytes)
Hash
e7462fb4ef0723c03ebac6aa9526541d
72952a4ed5e25022fe16dd1fa5584c7c76706894
281fbdd399ccac84f423007a4262f191dc0637eb8e04583d85c2e01395085314

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /free_boxes.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b895d010a7ef7e385a146b8958daaa1e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8B0DsRfFplZmn0AFFSHAO9oIVgxyjAURJBK7oPa1ZJLK3HFfF6fQH8ZkjDrbqsU7oPaZKBTiayfuzuWaKUcTVxn0Mf9y5xDVDUlOXfTQeq04kBtfjzVbddcaQgyuy8BdAjv3g2o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63040cf45696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/

172.66.44.107

200 OK

68 kB

URL User Request GET HTTP/2
usps-1cl.pages.dev/
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type

Size
68 kB (67778 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET / HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 05:38:51 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FAWqnEJKetSUDvpsOiPicNBIZBkShhTV%2FLmLCl0DJvOIUEsu65cx%2BlO5auAZq%2BDzrLG69gKh2AR53pvZ26CcN3b8Hec8OzOS7zJSAz4h7YlqdDAq6ME7F%2FqhEMvEZBdbC8GJsiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6301dd5956c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

usps-1cl.pages.dev/idxs-icon.svg

172.66.44.107

200 OK

1.9 kB

URL GET HTTP/3
usps-1cl.pages.dev/idxs-icon.svg
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1876 bytes)
Hash
583ef52bd60e417556db5f135ccde412
95657d33aff9e4378ebe4d23588822e15decf037
5a5fd0aafb20d9cb95bf9e3e7110d8877c7bfe8a990e6b5d4ba59148da355bf2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /idxs-icon.svg HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"d4db73f2ab664364b57511a365a3dc14"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0nK5d6iYe%2Fk8vamk0QA9YhAbwfXV8UfqjHoiEwR%2BJ425IibqkqmX40pTkRkPRqniYxYosKXDTzOvNosO%2F5HIpvrJNogCQocFqIaSkRU1FLwj2HiN1uDHdfLfKLX3if4YBbUOSeY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63043d295696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/footer-sb.css

172.66.44.107

200 OK

3.2 kB

URL GET HTTP/3
usps-1cl.pages.dev/footer-sb.css
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type
ASCII text, with very long lines (3193), with no line terminators
Size
3.2 kB (3181 bytes)
Hash
4a6ce4ebfe84e7439d3512d66c90d536
e655ae4472f859a133b1b1541279ca574d182776
0bc86b4d608e2763c9806ec572acd7bcfce09654e69c4f85b21da61098b0f9fd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - US Postal Service
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /footer-sb.css HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5ccd948810f2a5bdbdece98fcb0df41f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xo8l6%2BZHvP%2FpM4EeKxkOFMgWrNkditmkryovL00vo2jVAnRpr1gc%2Fp8VIJMxCyen47%2BYUhPsDuJjXNGB%2BK6QNLovbDSZBTrtglYOt%2BCSkcYJmcDKfj34Zb72%2FYWiceAjPLRn3ek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee63043d315696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.00f83ae9.ttf

172.66.44.107

200 OK

68 kB

URL GET HTTP/3
usps-1cl.pages.dev/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.00f83ae9.ttf
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type

Size
68 kB (67778 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.00f83ae9.ttf HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/2.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6glGx0pOrp1%2Fh9E3mBDMCa88%2FJup2ZzX07Uf%2BmxwQD4Xmm%2B%2B4llt%2F8l3y7p6fM77Ir0jsA%2BQ1ks97ihRtEN8vXJPid6kZwGHa%2F%2B2WOfEcPYo%2FZ2XjO0sPjre1wOgJxvA7sGXccg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6307ff7a5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

usps-1cl.pages.dev/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.95916e30.ttf

172.66.44.107

200 OK

68 kB

URL GET HTTP/3
usps-1cl.pages.dev/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.95916e30.ttf
IP
172.66.44.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://usps-1cl.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectusps-1cl.pages.dev
FingerprintCD:A3:7D:A5:27:B1:75:12:B9:DA:ED:62:E5:ED:08:5E:E8:4B:92:96
ValiditySat, 04 May 2024 13:31:43 GMT - Fri, 02 Aug 2024 13:31:42 GMT

File type

Size
68 kB (67778 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	United States Postal Service

HTTP Headers

GET /fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.95916e30.ttf HTTP/1.1
Host: usps-1cl.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-1cl.pages.dev/2.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 05:38:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"dfd42ad2561811fd34cc4e602d405e62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFv%2BrLjTaiJcDjetTLPJm%2BBpXfh%2B1ljAaqFIpgbNG3oGFxvmskQBslNrrikbB4hVGO3di5tmwdY3ODloavc2Pap6gE%2F%2FUBLQB5dhuFo53cf2cLIvWHhUn5%2B8ZwawyCQ8RiAH%2B%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ee6307af435696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (80)

URL GET HTTP/3

IP