ashri-ma.com/usps/verification
135.181.142.230301 Moved Permanently 246 B URL HTTP/1.1 ashri-ma.com/usps/verification
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a6bf6147afe2727f81553bf4d34de7ea
51a25d9c2d8d13be94639bd015ab6db26a4aae93
66059735535b946926e2887c4e93fffb3289536b16b33bd0bbf05323e8e821d5
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Dec 2022 18:45:45 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 246
Connection: keep-alive
Location: https://ashri-ma.com/usps/verification
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7848
Expires: Tue, 06 Dec 2022 20:56:33 GMT
Date: Tue, 06 Dec 2022 18:45:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2631
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:45:45 GMT
Last-Modified: Tue, 06 Dec 2022 18:01:54 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4187
Expires: Tue, 06 Dec 2022 19:55:32 GMT
Date: Tue, 06 Dec 2022 18:45:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 18:20:25 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1520
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash efd0bfca0f4769adb2fc050ecd68e0c9
a094fc791beb1d299f2a970f1312f244ffb5565f
d201ab4e16d9c7222f9f48924e63b0a1e41e4da5df324ff36bc83cc199d92078
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D201AB4E16D9C7222F9F48924E63B0A1E41E4DA5DF324FF36BC83CC199D92078"
Last-Modified: Sun, 04 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17981
Expires: Tue, 06 Dec 2022 23:45:26 GMT
Date: Tue, 06 Dec 2022 18:45:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KCSg3tkTrMtUvvlsxNDmT6z5rOLpzj+AIl9PtDWvzRRmwYNFIYy8ArQ/YP/a7rYh2TXvsShZ30Y=
x-amz-request-id: 34CFSYA382DMSPBX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 17:47:11 GMT
age: 3514
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification
135.181.142.230301 Moved Permanently 247 B URL HTTP/2 ashri-ma.com/usps/verification
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f36ec511b68c2e558fb1d5ac2afd2a02
ffe9acbc954a116f193eb9a1f3e724c1f6c472bd
f4e3a865cf442580b2f85f29600929a92230496b74799838478ec63ba7b5241b
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: text/html; charset=iso-8859-1
content-length: 247
location: https://ashri-ma.com/usps/verification/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 18:11:20 GMT
cache-control: public,max-age=3600
age: 2065
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/require-jquery.js
135.181.142.230200 OK 74 B URL HTTP/2 ashri-ma.com/usps/verification/files/require-jquery.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash ea38e8196b75d9720bc3902d6d735130
165284464c58d7f213c1211f2c433873299e4527
cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /usps/verification/files/require-jquery.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
content-length: 74
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: "4a-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/go-now.png
135.181.142.230200 OK 20 kB URL HTTP/2 ashri-ma.com/usps/verification/files/go-now.png
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Hash d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
GET /usps/verification/files/go-now.png HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/png
content-length: 20334
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: "4f6e-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/go-now(1).png
135.181.142.230200 OK 8.0 kB URL HTTP/2 ashri-ma.com/usps/verification/files/go-now(1).png
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
GET /usps/verification/files/go-now(1).png HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/png
content-length: 8026
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: "1f5a-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/go-now(2).png
135.181.142.230200 OK 27 kB URL HTTP/2 ashri-ma.com/usps/verification/files/go-now(2).png
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash b596424d2e958b51d7a68b46cadb6855
77eeeff212b8cd75a31beb954907e20bc5f8c831
daaeb825e97d878d0b5d5dfce37a2dd592ac0e1c5b887e24705835442d317365
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
GET /usps/verification/files/go-now(2).png HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/png
content-length: 26972
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: "695c-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/go-now(3).png
135.181.142.230200 OK 20 kB URL HTTP/2 ashri-ma.com/usps/verification/files/go-now(3).png
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 6311ef7a60f86d77aa48fcc48a675a31
96bc8b2fe87b126ffbf0d7b7ad8419661cb6bd9c
70d715475fb0a4756fc65c50cbb2cf0ca15f7311efc6c54b18e045e6ab202251
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
GET /usps/verification/files/go-now(3).png HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/png
content-length: 19969
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: "4e01-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/go-now(4).png
135.181.142.230200 OK 22 kB URL HTTP/2 ashri-ma.com/usps/verification/files/go-now(4).png
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
GET /usps/verification/files/go-now(4).png HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/png
content-length: 22133
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: "5675-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/holdmail.svg
135.181.142.230200 OK 1.0 kB URL HTTP/2 ashri-ma.com/usps/verification/files/holdmail.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash 81e82516d0a2af14b60fb1565992a38d
231dd22018b4338c333b42a2b9dc93712039fd22
98db30eef95c0843cd8161b0dd25ff7654ebad2e0b02823f3e93f4c89b848a91
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/holdmail.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"5a8-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/po_box.svg
135.181.142.230200 OK 1.3 kB URL HTTP/2 ashri-ma.com/usps/verification/files/po_box.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash cb708368cd160e9bcebc08250b31b5fd
c34d3c79135c54fc507037d97a67e344f4b44a07
26cdf1766e4c8cffc48cbc19186272dd2e67b3284e8e789ebbe39fc638f5e303
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/po_box.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"667-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/location.svg
135.181.142.230200 OK 1.2 kB URL HTTP/2 ashri-ma.com/usps/verification/files/location.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 40892562df6372e0339fffded7b46592
1afd8dbdfafe6dc3419efbc917227f8c971de385
4169d72c622a23d0ecf4b1e01c42a928f3ae851e373752d4db2aa448c226bf7b
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /usps/verification/files/location.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"a1a-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/require.js
135.181.142.230200 OK 7.5 kB URL HTTP/2 ashri-ma.com/usps/verification/files/require.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (17230)
Hash 497138d3bc604aab2496914445a03b98
9071b349034ca3ca58485c1b2c2dd30b01e864c7
1571258d9a6dc2b8befcc54354fe705ec88d5d54b98a47ac87f3d006ba92bd04
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/require.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"440f-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/optimize.js
135.181.142.230200 OK 36 kB URL HTTP/2 ashri-ma.com/usps/verification/files/optimize.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash 6cba4ad065472a8b70da8ee3715bb24d
0d9cc7e16889707ef9302c679a9e3c41448a6627
9828e1193e2057f7ae9b236b0efd6c70fc7889181e51a4ea0a48a0087417b421
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/optimize.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"16b8d-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/metrics-all.js
135.181.142.230200 OK 3.6 kB URL HTTP/2 ashri-ma.com/usps/verification/files/metrics-all.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash bbad675813d2cd05dd3a13b3e9cac987
75661bacacc4b911454675da61baf04cd1e2b6bb
e7989c30d2a3daa00b8d1302e140f9684d1bea7d612e6cb81962a55f90e3f0f3
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/metrics-all.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"2bde-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/jquery-3.2.1.js
135.181.142.230200 OK 31 kB URL HTTP/2 ashri-ma.com/usps/verification/files/jquery-3.2.1.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash 51d6b4e7dad39f0057b6a12c0d817012
49d71f65afb7a3553de45fdab3e89a2deff532e1
2334cf5315f126171b5e42246ca30fce7286729259d04abf6025a80d503d5488
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/jquery-3.2.1.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"15283-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.213.140.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.140.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xffpOvBqLhYCOVD7aboIfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9SnQUd1T6Ws/E32aoIZ8YUV2tLU=
ashri-ma.com/usps/verification/files/modernizr.js
135.181.142.230200 OK 5.8 kB URL HTTP/2 ashri-ma.com/usps/verification/files/modernizr.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (11122), with CRLF, LF line terminators
Hash 63a52f5516e7dd6f9a991e1a3c6e8e7a
ef2d1d5759a8f3a66eb2407a941d93ad90cdbe25
79568226b1220b4aef0b3e42435a3ceac953ae862d3032b72414c6597b339672
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/modernizr.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"2bfd-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ashri-ma.com
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Tue, 06 Dec 2022 18:45:46 GMT
server: ECAcc (ska/F6BE)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ashri-ma.com
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Tue, 06 Dec 2022 18:45:46 GMT
server: ECAcc (ska/F7A8)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
192.229.221.165403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ashri-ma.com
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Tue, 06 Dec 2022 18:45:46 GMT
server: ECAcc (ska/F6EC)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/main.css
135.181.142.230200 OK 14 kB URL HTTP/2 ashri-ma.com/usps/verification/files/main.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (49380), with CRLF line terminators
Hash c86eb19fa1fd281f566fca2b60049523
c346caa48ba5ea68555bbe9ee0cdb7b00e84439f
1e7778d27eb76afd3065f3c08aed9ae1be1b411b213f4a3690e4d51f5e308e06
GET /usps/verification/files/main.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"1370f-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/schedule-redelivery.css
135.181.142.230200 OK 5.6 kB URL HTTP/2 ashri-ma.com/usps/verification/files/schedule-redelivery.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (23076), with CRLF line terminators
Hash 9749b0f3140c9f6234e826d08077c7eb
43b44a8dc73d751b89ab69e0439a2423a359f556
2c1c603b8158f8c6b74782bbe44123c185f1c858431f530f925d112b26d00dd6
GET /usps/verification/files/schedule-redelivery.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"59fe-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/OneLinkUsps.js
135.181.142.230200 OK 2.5 kB URL HTTP/2 ashri-ma.com/usps/verification/files/OneLinkUsps.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash e99037cd24091ba70cf48987defc8b23
0a97aa0bfa21278613a8bedcaba5736eb0139fdf
dd46eace00328b414712a4f8e21ef79912fdf91a521a841795ef4d9a044af2e2
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/OneLinkUsps.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"e37-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/header-init-search.js
135.181.142.230200 OK 1.6 kB URL HTTP/2 ashri-ma.com/usps/verification/files/header-init-search.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash d83d13877ee07c8555f0f68196ff571c
77768d01e2dc00bec3413faac3fd90d8706e6682
542792cc78bd585e29936bd04bc117182953f08d3c8f2cedb5023f6f2c4045a9
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/header-init-search.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"388-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/featured_clicknship.svg
192.229.221.165200 OK 493 B URL HTTP/2 www.usps.com/assets/images/home/featured_clicknship.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Hash efb53558ef3932a80523af92bdda2085
1a97f57d64bc76f296423e1ddbdba9bc71b6d754
f0a25ce9d4e04e6b12bfc528584d599d5e472238849b0e1c66ff5357058d38fe
GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 63437
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 06 Dec 2022 18:45:46 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dcb/7F6B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/stamps.svg
192.229.221.165200 OK 551 B URL HTTP/2 www.usps.com/assets/images/home/stamps.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 780aa534eb1541ac0834489beafdeea2
2593cddb6c1b7505016d3c1138e16ff556e42166
c2a1858fe0517c4c928dad150f22710f1771c1b43b92b79ceb0b20e44db61ee8
GET /assets/images/home/stamps.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 37119
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 06 Dec 2022 18:45:46 GMT
etag: "44f-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7EC4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 551
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/qt.css
135.181.142.230200 OK 11 kB URL HTTP/2 ashri-ma.com/usps/verification/files/qt.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1599), with CRLF, LF line terminators
Hash 3137b7a027479976314de0d83d4cc8b2
04ab2d9fe3075f1b212b185508f6986bb60fdb8f
2d05d7550c783961c2d72aa7545cbb68bf320a54737ec95c3ecc26d5fdcccbad
GET /usps/verification/files/qt.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"c800-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/calculate_price.svg
192.229.221.165200 OK 772 B URL HTTP/2 www.usps.com/assets/images/home/calculate_price.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 42af7d5484bf8f80ac930313caa5941f
c3dbaf338d7fa81845487333c0cba5b8341bd140
f8f9b52e8d7b815deba988cfcdc6596e9e7b6671075907290c8e96679b18fb2c
GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 63355
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 06 Dec 2022 18:45:46 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/7304)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/jquery-ui.min.css
135.181.142.230200 OK 8.7 kB URL HTTP/2 ashri-ma.com/usps/verification/files/jquery-ui.min.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (29191), with CRLF line terminators
Hash 4ae33fe4ce3743bd0a17d01d91d4a07b
39a352474c2f0a76703bb6058bb90f4d18acfd42
066820a2b329f8b9a25e4600a1b849a6762b56f2c7a7c7822890ec16398045c0
GET /usps/verification/files/jquery-ui.min.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"7d19-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/search-fe.js
135.181.142.230200 OK 1.7 kB URL HTTP/2 ashri-ma.com/usps/verification/files/search-fe.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2273), with CRLF line terminators
Hash 20aefc0d00b0fd8539e9f4468e42a515
b86b0179b77019d98be1382d2a570cc6a63b61c2
69293db46df5140d13737ed1dd894787ac5d40ff4bacd028527307f01c1d3e7a
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/search-fe.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"8bb-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/po_box.svg
192.229.221.165200 OK 848 B URL HTTP/2 www.usps.com/assets/images/home/po_box.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a1feed192f3aca7fd02c00b6ee45bb07
fce52b953f90a873186cd2c3ddb26dcca41884be
88dcd2a8a6b055bf63763c0a86338f33b09a257c89e26a5ae6a364becf1ac122
GET /assets/images/home/po_box.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 63334
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 06 Dec 2022 18:45:46 GMT
etag: "667-5494e7f259740+gzip"
last-modified: Fri, 24 Feb 2017 22:46:13 GMT
server: ECAcc (dcb/7FD5)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 848
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/resize-manager.js
135.181.142.230200 OK 1.5 kB URL HTTP/2 ashri-ma.com/usps/verification/files/resize-manager.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (1078)
Hash e8625bd5fd6af639db99eb87df847fe0
f8ae4eaad268c02f5412eb0a9ebe9304ec005279
a526181d3287a85a5ae9029497ce3218c6a30393f63db42e0885ffa3be0ff5df
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/resize-manager.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"410-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/shipping-supplies.svg
192.229.221.165200 OK 1.3 kB URL HTTP/2 www.usps.com/test/nav/images/shipping-supplies.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7a8b39b328ba3e776e643f66844896e8
7a400d0f33c592651da919c728a30e46207a9449
05140d52bba76b4464360b852c3b78227cc2865c4512bf0010ee666f0c985f99
GET /test/nav/images/shipping-supplies.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 62917
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Tue, 06 Dec 2022 18:45:46 GMT
etag: "9f8-560f10eaa9b40+gzip"
last-modified: Fri, 22 Dec 2017 17:22:13 GMT
server: ECAcc (dcb/731F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1282
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/logo-sb.svg
135.181.142.230200 OK 2.3 kB URL HTTP/2 ashri-ma.com/usps/verification/files/logo-sb.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 82c91ab012392a9937fc7cd8bceef211
5255d9850c311d094ca71166604e7724591fcefd
1151ce9db53ec9f0b5177ef7176bc87ab5bbf3e144bbba5d081fedbac2bc65a8
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /usps/verification/files/logo-sb.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"de5-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/helpers.js
135.181.142.230200 OK 948 B URL HTTP/2 ashri-ma.com/usps/verification/files/helpers.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (733)
Hash 262443dcb7bbc2ffc906809878a22e38
b040ce690ac84ada93917da934b38e3b8166ba8b
16fdf815aaabab6590db55dc0900d485f8aba7722e9f4b5048adef567c613774
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/helpers.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"2b7-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/hamburger.svg
135.181.142.230200 OK 1.1 kB URL HTTP/2 ashri-ma.com/usps/verification/files/hamburger.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 778e56e67d1fe8460d44c414c8363861
b5fe014f6af14539b01e7e1746343a84cb3d04f4
08c8be5a88971ff47d79e41d2b4f718a3ccc8c31dd35e5b4968784ea696d2ff0
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/hamburger.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"222-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/tracking-cross-sell.css
135.181.142.230200 OK 1.8 kB URL HTTP/2 ashri-ma.com/usps/verification/files/tracking-cross-sell.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (3113), with CRLF line terminators
Hash 566354d48ccdf0848df06c7cc5c89c75
b4c9972d6cc635455405d27d546edb5d4370e596
e01c1980d90e2811561248e5fe0d9291ba2ef8c1288328ed58990ec0f1ba59ab
GET /usps/verification/files/tracking-cross-sell.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"c03-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.usps.com/global-elements/lib/script/helpers.js
192.229.221.165200 OK 358 B URL HTTP/2 www.usps.com/global-elements/lib/script/helpers.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (695), with no line terminators
Hash a94bd840611f82766bdd01435e0325d4
195b9eccc89fd504aaa416ecfc05b277e3b1862b
c9df217c213bc4a79f26f7996533f4e02e031f82d7f1b88ccdc0f39504573d46
GET /global-elements/lib/script/helpers.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 23330
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Tue, 06 Dec 2022 18:45:46 GMT
etag: "2b7-505dad4fe5380+gzip"
last-modified: Mon, 20 Oct 2014 13:38:38 GMT
server: ECAcc (dcb/7338)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 358
X-Firefox-Spdy: h2
www.usps.com/global-elements/lib/script/require-jquery.js
192.229.221.165200 OK 74 B URL HTTP/2 www.usps.com/global-elements/lib/script/require-jquery.js
IP 192.229.221.165:0
File type ASCII text, with no line terminators
Hash ea38e8196b75d9720bc3902d6d735130
165284464c58d7f213c1211f2c433873299e4527
cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9
GET /global-elements/lib/script/require-jquery.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 49133
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Tue, 06 Dec 2022 18:45:46 GMT
etag: "4a-5057c23aa4c00"
last-modified: Wed, 15 Oct 2014 20:40:16 GMT
nncoection: close
server: ECAcc (dcb/7F20)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 74
X-Firefox-Spdy: h2
www.usps.com/global-elements/header/script/search-fe.js
192.229.221.165200 OK 930 B URL HTTP/2 www.usps.com/global-elements/header/script/search-fe.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (2264), with no line terminators
Hash 044ed97a28abfb41b4962d4be4f1a9a2
376bd4af5ff97565cf9565904b615bffbea08690
19c16113aa7d624c43ffefd992d78b420fc3a195d99578684d0abf52fbabce71
GET /global-elements/header/script/search-fe.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 4083
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Tue, 06 Dec 2022 18:45:46 GMT
etag: "8d8-5d77081c47c40+gzip"
last-modified: Mon, 07 Feb 2022 16:58:17 GMT
server: ECAcc (dcb/7FD8)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 930
X-Firefox-Spdy: h2
www.usps.com/global-elements/footer/script/jquery-3.5.1.js
192.229.221.165200 OK 31 kB URL HTTP/2 www.usps.com/global-elements/footer/script/jquery-3.5.1.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 2a0ef702291c837a85b6c7c2275fdac6
7937023d7bc07c2a6d1e29f316836995fbdbf997
921bf2826576dbc494161d3021ee21b0b844ed89f0b2b630e7d579b69ab1a9ba
GET /global-elements/footer/script/jquery-3.5.1.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 51326
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Tue, 06 Dec 2022 18:45:46 GMT
etag: "15d84-5affcd6633ac0+gzip"
last-modified: Wed, 23 Sep 2020 15:35:47 GMT
server: ECAcc (dcb/7F9B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 30950
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/megamenu-v2.css
135.181.142.230200 OK 7.6 kB URL HTTP/2 ashri-ma.com/usps/verification/files/megamenu-v2.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (44763)
Hash a25aa17cc5a775bcfaae344ca6f9d389
987aff751292cab259c76a1cd5dcc2b9f20a5efe
9ac4fc52db7e9b91b77ade2cdae07dc40cb304f4a055a0a7cbe03a386cc1ab76
GET /usps/verification/files/megamenu-v2.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"aeb5-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.usps.com/global-elements/lib/script/resize-manager.js
192.229.221.165200 OK 468 B URL HTTP/2 www.usps.com/global-elements/lib/script/resize-manager.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (1040), with no line terminators
Hash 7dfda1d5c69fea0090eb0e1dd8f9cc69
731696ce554e4a61def2c1b2c42f593b2d663ec2
f59a56b127f6d56e1af875fde9db49dcd3fc70cd952445b3f0d259f4acc52a5e
GET /global-elements/lib/script/resize-manager.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ashri-ma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76932
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Tue, 06 Dec 2022 18:45:47 GMT
etag: "410-5057c23b98e40+gzip"
last-modified: Wed, 15 Oct 2014 20:40:17 GMT
server: ECAcc (dcb/7F54)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 468
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8176
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:45:47 GMT
Connection: keep-alive
ashri-ma.com/usps/verification/files/megamenu.js
135.181.142.230200 OK 3.5 kB URL HTTP/2 ashri-ma.com/usps/verification/files/megamenu.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash 38e641a35059ef532bef8cc9ed1b1000
e06b261384f7b365bc3d12dc48d16e717c201d23
d6476cb3e3980cf4a0df661a6df164f0359656c973427bc29a10aa12053a26c0
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/megamenu.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"3651-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8176
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:45:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8176
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:45:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8176
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:45:47 GMT
Connection: keep-alive
ashri-ma.com/usps/verification/files/megamenu-additions.js
135.181.142.230200 OK 35 kB URL HTTP/2 ashri-ma.com/usps/verification/files/megamenu-additions.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash 8e1ffd7e50ca314c3b39e5fd66c9b379
fce958bfa87ba8223b8370fb6b4a3440737115dc
40546e7d7d61b97aabdd819f90248a4d58b49f883dda7c73ee55c32d864a8bb0
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/megamenu-additions.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"541-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 74551
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WMeay1i2pxnboCB3Qcwb2ray4tnyEzO89tQrHCfGdI3s9kJsMWvzBw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:19:52 GMT
age: 51955
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 73404
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/ge-login.js
135.181.142.230200 OK 18 kB URL HTTP/2 ashri-ma.com/usps/verification/files/ge-login.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash 9d3c0e6144d8fd14749c261f8787a4aa
fb14ac741b23d0d9a8df16004fd3b9225f918f61
eecb0c09e167fffa560f308992bd653f0321e82feb25978d89e15e8c3ba4056a
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/ge-login.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"245d-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/main-sb.css
135.181.142.230200 OK 38 kB URL HTTP/2 ashri-ma.com/usps/verification/files/main-sb.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash b7776447e16297225c27e748a7a07c31
1b41c7291e9b7099a29da880b682dfae627458d3
740d32ad80a55e12e5f6c3e986ad2ecc14572f9c6dc047b268cf5ddfab178d58
GET /usps/verification/files/main-sb.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"225c-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/favicon.ico
135.181.142.230302 Found 0 B IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
GET /favicon.ico HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 18:45:47 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://ashri-ma.com/wp-content/uploads/2021/01/cropped-logo_black-32x32.png
link: <https://ashri-ma.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:47 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf
135.181.142.230404 Not Found 24 kB URL HTTP/2 ashri-ma.com/usps/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Hash c4e8b140328dfc99d92be8bd9ea6e1c5
875084966d89834e17cd1533e696547ce2b4e7da
0a47948aab2d2259aeaf1a8341d773b1c4e6c72042ffa77bd12126b30047675a
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/fonts/8fda1e47-19be-46c7-8d83-8d4fb35572f0.ttf HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/files/main.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Dec 2022 18:45:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://ashri-ma.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/ HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff
135.181.142.230404 Not Found 0 B URL HTTP/2 ashri-ma.com/usps/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/fonts/14ff6081-326d-4dae-b778-d7afa66166fc.woff HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://ashri-ma.com/usps/verification/files/main.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Dec 2022 18:45:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://ashri-ma.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/jquery.min.js(1).download
135.181.142.230404 Not Found 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/jquery.min.js(1).download
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/jquery.min.js(1).download HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ashri-ma.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/datepicker3.css
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/datepicker3.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
GET /usps/verification/files/datepicker3.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"527d-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/schedule_pickup.svg
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/schedule_pickup.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/schedule_pickup.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"6ef-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/change_address.svg
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/change_address.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/change_address.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"74d-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf
135.181.142.230404 Not Found 0 B URL HTTP/2 ashri-ma.com/usps/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
GET /usps/verification/fonts/b0ffdcf0-26da-47fd-8485-20e4a40d4b7d.ttf HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/files/main.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Dec 2022 18:45:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://ashri-ma.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/bootstrap.min.css
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/bootstrap.min.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
GET /usps/verification/files/bootstrap.min.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"1d903-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/calendar.css
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/calendar.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
GET /usps/verification/files/calendar.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"38fd-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/search.svg
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/search.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/search.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"5b9-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/images/nav-red-chevron.svg
135.181.142.230404 Not Found 0 B URL HTTP/2 ashri-ma.com/usps/verification/images/nav-red-chevron.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/images/nav-red-chevron.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/files/main.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Dec 2022 18:45:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://ashri-ma.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff
135.181.142.230404 Not Found 0 B URL HTTP/2 ashri-ma.com/usps/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://ashri-ma.com/usps/verification/files/main.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Dec 2022 18:45:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://ashri-ma.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/tracking.svg
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/tracking.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/tracking.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"619-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/calculate_price.svg
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/calculate_price.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/calculate_price.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"8fe-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/jquery.min.js
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/jquery.min.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/jquery.min.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"14b60-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2
135.181.142.230404 Not Found 0 B URL HTTP/2 ashri-ma.com/usps/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/fonts/3b303641-706e-4221-94c4-4fb491f4f8ef.woff2 HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://ashri-ma.com/usps/verification/files/main.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Dec 2022 18:45:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://ashri-ma.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/free_boxes.svg
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/free_boxes.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/free_boxes.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"42a-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/footer.css
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/footer.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
GET /usps/verification/files/footer.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:45 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"b75-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:45 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/jquery-3.5.1.js
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/jquery-3.5.1.js
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/jquery-3.5.1.js HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"15d84-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/find_zip.svg
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/find_zip.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/find_zip.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"5bf-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/logo_mobile.svg
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/logo_mobile.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/logo_mobile.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"80c-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/mailman.svg
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/mailman.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/mailman.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"723-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/stamps.svg
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/stamps.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/stamps.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"44f-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff
135.181.142.230404 Not Found 0 B URL HTTP/2 ashri-ma.com/usps/verification/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/fonts/2c056da8-4920-4e20-8c69-8a6b315458a9.woff HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://ashri-ma.com/usps/verification/files/main.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Dec 2022 18:45:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://ashri-ma.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/featured_clicknship.svg
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/featured_clicknship.svg
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /usps/verification/files/featured_clicknship.svg HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"436-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Sat, 04 Feb 2023 18:45:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ashri-ma.com/usps/verification/files/footer-sb.css
135.181.142.230200 OK 0 B URL HTTP/2 ashri-ma.com/usps/verification/files/footer-sb.css
IP 135.181.142.230:0
ASN #24940 Hetzner Online GmbH
GET /usps/verification/files/footer-sb.css HTTP/1.1
Host: ashri-ma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ashri-ma.com/usps/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:45:46 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Mar 2021 11:36:16 GMT
etag: W/"c6d-5bebf67f9ac00"
referrer-policy: no-referrer-when-downgrade
expires: Thu, 05 Jan 2023 18:45:46 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2