Report - usit-8trty.uspiat.life/query/express.php

Report Overview

Submitted URL
usit-8trty.uspiat.life/query/express.php
IP
198.98.51.122
ASN
#53667 PONYNET
Submitted
2022-09-17 08:51:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.160.51.228
www.usps.com	11794	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.8 kB	38 kB	192.229.221.165
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
tools.usps.com	12881	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	1.3 kB	192.229.221.165
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	49 kB	34.120.237.76
usit-8trty.uspiat.life	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	23 kB	379 kB	198.98.51.122
fast.fonts.net	2905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	841 B	104.17.225.78

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-16	medium	usit-8trty.uspiat.life/query/express.php	United States Postal Service
2022-09-16	medium	usit-8trty.uspiat.life/query/express.php	United States Postal Service

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-17	medium	usit-8trty.uspiat.life/query/express.php	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/base64.js	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/crypto-js.js	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/rc4.js	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/express.php	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/trackingCode.js	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/sweetalert-dev.js	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/hamburger.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/logo_mobile.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/search.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/tracking.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/mailman.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/location.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/stamps.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/schedule_pickup.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/calculate_price.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/logo-sb.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/find_zip.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/holdmail.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/change_address.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/po_box.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/free_boxes.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/featured_clicknship.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/global-elements/header/images/utility-header/mailman.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/global-elements/header/images/package-intercept.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/global-elements/header/images/schedule-redelivery.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/global-elements/header/images/icon-personalize-stamped-envelopes.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/images/nav-red-chevron.svg	Phishing
2022-09-17	medium	usit-8trty.uspiat.life/query/files/jquery.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	usit-8trty.uspiat.life/query/files/crypto-js.js	198 kB	2023-03-07	2024-04-05
Pretty URL usit-8trty.uspiat.life/query/files/crypto-js.js IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:52 Last Seen2024-04-05 13:26:49 Times Seen407 Hash f716a02969e459fdfc8f37dee235e925 6f2bb245feaa0997fa30b085af0e8990d21395cc f0bdf25fda8f9af5920c82070775864c7e1166eb31540d030e6b80a382e39ce1 Loading...

	usit-8trty.uspiat.life/query/files/rc4.js	3.6 kB	2023-03-07	2023-10-03
Pretty URL usit-8trty.uspiat.life/query/files/rc4.js IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:52 Last Seen2023-10-03 15:04:56 Times Seen18 Hash 846a99f1e90dbcbb5773793c3fe8aa5c fbb684811bde18ce2faad2ffbda3aa9c00939e90 571eca05c055a26c729f757f83b9f849968ae0dc0ba9870e5be9526019c53a33 Loading...

	usit-8trty.uspiat.life/query/express.php	7.4 kB	2023-03-07	2023-10-03
Pretty URL usit-8trty.uspiat.life/query/express.php IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:52 Last Seen2023-10-03 15:04:56 Times Seen10 Hash deb91ce4115d0a5b119cb629c3293200 387bd69b40c4b0ceb1c589f780acda674e08ba19 091743f57c20eff84d12e5b54e11d3ff5a66c5a3a1c225c3de2853bf57395409 Loading...

	usit-8trty.uspiat.life/query/files/trackingCode.js	650 B	2023-03-07	2024-04-18
Pretty URL usit-8trty.uspiat.life/query/files/trackingCode.js IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:52 Last Seen2024-04-18 06:14:33 Times Seen2008 Hash 32dd789522cc6923c80141fcf5d3a614 366b7e3fd63176e559d8b8c5f59be6fd3388cf5a 5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960 Loading...

	usit-8trty.uspiat.life/query/express.php	24 B	2023-03-07	2024-04-23
Pretty URL usit-8trty.uspiat.life/query/express.php IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-23 02:04:28 Times Seen5686 Hash 56d62f55706e2e153678329e7bcd94d8 c00d14b88b1fa94b12c0aafb761e676e73758fc9 6949901ccecaa8c8c40ac181981a5a291b81648a0a5ab42223db4875bdd5235c Loading...

	usit-8trty.uspiat.life/query/express.php	32 B	2023-03-07	2023-10-03
Pretty URL usit-8trty.uspiat.life/query/express.php IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:52 Last Seen2023-10-03 15:04:56 Times Seen10 Hash f6e57a9cf4eb2127fca4721781f20718 699af9564fca57c3151035b370df0deb15847493 724cca7bcc1cc4feda6e168ac9e986a0e56f630bc15aab038070295036dd6577 Loading...

	usit-8trty.uspiat.life/query/express.php	49 B	2023-03-07	2023-03-07
Pretty URL usit-8trty.uspiat.life/query/express.php IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:41:33 Last Seen2023-03-07 17:41:33 Times Seen1 Hash 68947e262f877354bffeae8b38666b7d f6be91e10a7b75afd760c1908e90701c92902836 e4effb20aff1416bb1fb638538a1c9f85deedfa09c100dbcc0def4f9e9a27875 Loading...

	usit-8trty.uspiat.life/query/files/base64.js	7.6 kB	2023-03-07	2023-10-03
Pretty URL usit-8trty.uspiat.life/query/files/base64.js IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:29 Last Seen2023-10-03 15:04:56 Times Seen17 Hash 9813eac04f019a6b94349a8fbe2e944d 4f95b8587c5f1261a0931c8da0daf984e1096847 016f6c346b202f913844ed67931e8081b55822475d7f42022bf5b3d8231e5535 Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 10:29:59 Times Seen37018628 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	usit-8trty.uspiat.life/query/files/jquery.js	87 kB	2023-03-07	2024-04-21
Pretty URL usit-8trty.uspiat.life/query/files/jquery.js IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-21 17:57:43 Times Seen12142 Hash af4078402c5e090d3f81d1abd71e2250 9592732de681f4365e9b7016dc5cf76e2a55ee9b 8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6 Loading...

	usit-8trty.uspiat.life/query/express.php	25 B	2023-03-07	2024-04-23
Pretty URL usit-8trty.uspiat.life/query/express.php IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-23 02:04:28 Times Seen2008 Hash f467b64f19191da4e5c8ac5b4edb02b2 7abcaf406c9ff382bd7f7c75c7653fbff03f0410 33c959a2c76326692f3647ba8d01dc64c6374357f098dea1db067a974843b526 Loading...

	usit-8trty.uspiat.life/query/express.php	934 B	2023-03-07	2023-03-26
Pretty URL usit-8trty.uspiat.life/query/express.php IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:52 Last Seen2023-03-26 04:25:58 Times Seen2 Hash c68dcf24d27e01b059c2025bb31b3779 8792c160c5c50a65c6ba2469ce6a07cb826536b6 506a0ca018f0e470e303d1698f9c518df66034811698c19aef51823d9b89740f Loading...

	usit-8trty.uspiat.life/query/express.php	137 kB	2023-03-07	2023-03-07
Pretty URL usit-8trty.uspiat.life/query/express.php IP 198.98.51.122 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:41:33 Last Seen2023-03-07 17:41:33 Times Seen1 Hash 9d64765aa719cad7caa7dcdac8e58cc5 35588d49dc27797219fb02f3e16cce33a694fccb 7b4956fb08131df0c407a574a0e2ce0bbfe38eb775870cb49ceb06af212d7214 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 591472b2388f139ba72263a46ff3d619	381 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 01:18:52 Last Seen2024-04-18 06:14:36 Times Seen1862 Hash 591472b2388f139ba72263a46ff3d619 51af3d9df4a627071d03481542efe344da6c969f 534cebb2ad439f5a67eef8084ce23509bb3bb872ea8cab7a41ebe1cbb7a95a2d Loading...

		Size	First Seen	Last Seen
	#1 Write - 92c02e3d578f6a63f548a9b1c8265db4	48 kB	2023-03-07	2023-10-03
Pretty Observations First Seen2023-03-07 01:18:52 Last Seen2023-10-03 15:04:56 Times Seen10 Hash 92c02e3d578f6a63f548a9b1c8265db4 39462933a6cad9ae3f8aef835b3ff114794cc4ad 0dc5ad6743c2c91a32ff4b042c57fa7bd87919fbd8f3f786095b0149984cc0c1 Loading...

HTTP Transactions (88)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8112
Expires: Sat, 17 Sep 2022 11:06:39 GMT
Date: Sat, 17 Sep 2022 08:51:27 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 17 Sep 2022 08:11:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6uv-jJNXEeDVCRA7fcLjxh9xsSPl5frj7lVh3t6NrB9EkCGrxHv3sQ==
Age: 2411

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kGNaKYpVIw6SU7SB9ewk6R3R58VMp16PFxTh0Qvo7dQQrJFYW-JkCA==
age: 19245
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/express.php

198.98.51.122

301 Moved Permanently

328 B

URL HTTP/1.1
usit-8trty.uspiat.life/query/express.php
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
328 B (328 bytes)
Hash
76562ca49c405b12e4bf22a446208003
cb60f14a34bdc027666a92226c7ac0fa29af29fc
d9bf2afed8a43fb880626f47b08dd8cd5b8e18806cf42ef0df734c18bc38958a

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /query/express.php HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 08:51:27 GMT
Server: Apache
Location: https://usit-8trty.uspiat.life/query/express.php
Content-Length: 328
Connection: close
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 08:51:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 17 Sep 2022 08:03:22 GMT
Cache-Control: max-age=3600
Expires: Sat, 17 Sep 2022 08:37:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KH9lqFn0jv1fFMw6mRespS_fFD0Cg9mvAk1mgA3I9fXibdjQn56r0Q==
Age: 2885

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0a4d4a0b91b408890948d14438c9ea23
eb8c1b24a7d83544885c51ea95ba947a8f47617e
8ed33e62ffd58898ee79120fb33793d41a18f904f7ff3d2df66fc2b636c7422d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8ED33E62FFD58898EE79120FB33793D41A18F904F7FF3D2DF66FC2B636C7422D"
Last-Modified: Fri, 16 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21551
Expires: Sat, 17 Sep 2022 14:50:38 GMT
Date: Sat, 17 Sep 2022 08:51:27 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3db421016cf0e3ad25f324cf0faf0fac
b15909de1105d4d2fb5be5b3920c454daf022445
914b15f28636e0a5e851540ffb0625ecd09d0546b2f1f7af90b267ceebcf1d5d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4057
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 08:51:27 GMT
Last-Modified: Sat, 17 Sep 2022 07:43:50 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.160.51.228

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.160.51.228:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wP8VfS+hovCEHUJJzCOtkg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NGUFWYUx6gC8imp1vweqhyeTkDg=

usit-8trty.uspiat.life/query/files/base64.js

198.98.51.122

200 OK

2.3 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/base64.js
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (362)
Size
2.3 kB (2349 bytes)
Hash
03fc3b2a7e0c63ae02632e3b02157ab3
da817fb63f07aa5728fd937f276ec97bb13a2ccd
eb50c63cbff6840583e19c8fcc1d83736a001fe4975a238004a48436dbb7a7fa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/base64.js HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 14:55:34 GMT
etag: "1dd9-5e5e43db30580-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2349
content-type: application/javascript
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/crypto-js.js

198.98.51.122

200 OK

32 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/crypto-js.js
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text
Size
32 kB (31898 bytes)
Hash
eb520a35261de89c18a4c28b2056291e
125e35f46d70837953c9243b07017225f12268b0
331c0b5a9a20dc6a486a54dfe108770a238584e7ac88ea77fdc2cebb5c161426

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/crypto-js.js HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 14:55:34 GMT
etag: "305e2-5e5e43db30580-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 31898
content-type: application/javascript
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/rc4.js

198.98.51.122

200 OK

1.1 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/rc4.js
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text
Size
1.1 kB (1122 bytes)
Hash
34fd44094f043ca765f45baa151304d1
24270e31991c5a6b82af710443a91c80fb813e75
39f46e4d0f244984e788c81e5d544e72eaf5da8c04c4172d7b271ab4bf726118

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/rc4.js HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 14:55:34 GMT
etag: "df1-5e5e43db30580-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1122
content-type: application/javascript
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/footer.css

198.98.51.122

200 OK

974 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/footer.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (2933), with no line terminators
Size
974 B (974 bytes)
Hash
b611fdf100b35a33f41b3ce5481140ea
6a1dbe40f2e5794b049429f90704e654202e9c6a
7d9057f5e50850fcf2328dc405d8ee26149524f4afcbaf419f83e0b3e7aa52a9

HTTP Headers

GET /query/files/footer.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "b75-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 974
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/express.php

198.98.51.122

200 OK

124 kB

URL HTTP/2
usit-8trty.uspiat.life/query/express.php
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
124 kB (124076 bytes)
Hash
abf9d1f2e023c266bc4c021ba846d7e2
bd754c7241cde31ee6e3a2ced95a0b01740f0da7
17909871fc45abc92412583eceaf7a4f11b3415106a9aafdfd7dbc3d0b5ccbfe

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /query/express.php HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2; path=/
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Sep 2022 08:51:27 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/calendar.css

198.98.51.122

200 OK

2.6 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/calendar.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (14589), with no line terminators
Size
2.6 kB (2579 bytes)
Hash
08db95a016165b8d14a144668b7e064a
92d6357bc5733087226e84420a95a6d40f9662e1
25afbe8a97386e1a035d5f7110657ba82542d0674d774639a9a43876512680a8

HTTP Headers

GET /query/files/calendar.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "38fd-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2579
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/datepicker3.css

198.98.51.122

200 OK

2.4 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/datepicker3.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (20872)
Size
2.4 kB (2424 bytes)
Hash
69bd638091a5922cfa5aa06da089175c
57577cbe76db20ad3f29fa5baa749dfca948aef3
a48751d686c78929ac1303b169da95d32ef0e829680208be0c46382776830fb2

HTTP Headers

GET /query/files/datepicker3.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "527d-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2424
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/main.css

198.98.51.122

200 OK

13 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/main.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (547)
Size
13 kB (12604 bytes)
Hash
4e0db316a92eed7892f16d859a934ca3
84b349363f92147e35792f825ac529882d323cf6
ea9d5facdbda74089c02125f69f144e4f42a54d5d25597dd8565adea303fd454

HTTP Headers

GET /query/files/main.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 15:30:26 GMT
etag: "15df7-5e685a91f6880-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12604
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/tracking-cross-sell.css

198.98.51.122

200 OK

1.0 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/tracking-cross-sell.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (3075), with no line terminators
Size
1.0 kB (1048 bytes)
Hash
797100b379ef4b459b884be14bbb6e4f
0683d9a3ead422cbf0e163d0ae0d61e51d6f1236
bbf22e1882686844926ae028f381e94def083d8b511f80edc3cfb5d8ccfa781f

HTTP Headers

GET /query/files/tracking-cross-sell.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "c03-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1048
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/jquery-ui.min.css

198.98.51.122

200 OK

7.9 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/jquery-ui.min.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (29153), with CRLF line terminators
Size
7.9 kB (7869 bytes)
Hash
770266d7d40da4ad1a7b171b6d167346
f8893a9442af6605400881396fe06f56c93bd23f
b74ed12758ecf80f0ee74d841fbe5beabec873ab3b66e98bfd893983fb0eee96

HTTP Headers

GET /query/files/jquery-ui.min.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "7d19-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7869
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/schedule-redelivery.css

198.98.51.122

200 OK

4.7 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/schedule-redelivery.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (23038), with no line terminators
Size
4.7 kB (4697 bytes)
Hash
7083e43ac731afa1f12fc1ccd3c73041
338ebbbf9236f1f96ee0bf5e6d7a09a2b6ba7c37
0904b54d0a25d43cc0e642c3e8a265ec388db2684af6f28c28cfcc6fa7f037c1

HTTP Headers

GET /query/files/schedule-redelivery.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "59fe-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4697
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/css/sweetalert.css

198.98.51.122

200 OK

3.7 kB

URL HTTP/2
usit-8trty.uspiat.life/query/css/sweetalert.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with CRLF line terminators
Size
3.7 kB (3740 bytes)
Hash
19d5f573a32b57a9b7247c6e14dcae0a
ae20837523f9602ba37db6aa83e0f0dbdb83a1d2
5a25c1cbb4314a1d10a60c6b3c9e82afe43ded0dd0dcbd26db7e5d30841bb68a

HTTP Headers

GET /query/css/sweetalert.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 14:43:14 GMT
etag: "5d01-5e68500528480-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3740
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/trackingCode.js

198.98.51.122

200 OK

448 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/trackingCode.js
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (650), with no line terminators
Size
448 B (448 bytes)
Hash
64b216ab423a2e5a454ae6669e38214b
4b1d2d7b9ac10e274fcecb76cffbb43b7971d912
b357c6e2a71641bd72c5f0a7e78682592f4959162ed28e07097eded9be92fd50

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/trackingCode.js HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:37:54 GMT
etag: "28a-5beb55ee55880-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 448
content-type: application/javascript
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

fast.fonts.net/t/1.css?apiType=css&projectid=undefined

104.17.225.78

200 OK

0 B

URL HTTP/2
fast.fonts.net/t/1.css?apiType=css&projectid=undefined
IP
104.17.225.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/1.css?apiType=css&projectid=undefined HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 17 Sep 2022 08:51:28 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: MY0omUKLWb1Hg1TiGNkECj5rmYhrpMOOXyXLfCal35dfHOxQwXtOkHR38J7VygOtrmgZ2VCOxAg=
x-amz-request-id: VPCSRNPT0SC53J86
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 9259
accept-ranges: bytes
set-cookie: __cf_bm=gVJbLZRoReNRI8n8U1UDO9REU9yOQON0hoZH5JfcJM0-1663404688-0-AeXk94vSxwoqViTGawZKCJagYeU/vY5qszd9GpkIYrA7nfnBeOjU4Z4WIT9Y1IDWxQZPJjIQdZSVPLUaIDdLu54=; path=/; expires=Sat, 17-Sep-22 09:21:28 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c099a788b21c06-OSL
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/footer-sb.css

198.98.51.122

200 OK

956 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/footer-sb.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (3161), with CRLF line terminators
Size
956 B (956 bytes)
Hash
11e2d3c7770d3eac11107b68d09fe244
8777df60d38ac3d2cebcb0725fff8e5877ea58bc
e0bd2bd0e11820f7ca8e5686b77b66b3bd8270deab2fcb5f5e3ceedf766be2f4

HTTP Headers

GET /query/files/footer-sb.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 15:09:06 GMT
etag: "c5b-5e5e46e192880-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 956
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/main-sb.css

198.98.51.122

200 OK

2.0 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/main-sb.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (646)
Size
2.0 kB (2046 bytes)
Hash
ce586c65fd90600c41e5cbfc56ab828d
09f02c4210fbe00d285525e12cf745059dd314f7
6c241c29c79296e340658c842d66339171f704cf39b58acb359de71a95b31b4f

HTTP Headers

GET /query/files/main-sb.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 14:00:44 GMT
etag: "19e2-5e68468549b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2046
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/megamenu-v2.css

198.98.51.122

200 OK

6.9 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/megamenu-v2.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (44725), with no line terminators
Size
6.9 kB (6934 bytes)
Hash
cdb0b5a380d76f89923182936ea8add4
3953994e68f4d835d930763240beeb62f6f55ab3
0a0198fb984febee0fa81c24e6de5b11439e27dc87428c647213f7d505da1174

HTTP Headers

GET /query/files/megamenu-v2.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "aeb5-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6934
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/qt.css

198.98.51.122

200 OK

9.9 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/qt.css
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1599), with CRLF, LF line terminators
Size
9.9 kB (9892 bytes)
Hash
40636c462b3bc2beeb47c86f213195ac
395b688df1c66e016de38a90c6c6788252a43e42
f2f5c174a5d60bfe58fb362bb86f8691fb6ffb977a8248bd24aef980165cccb9

HTTP Headers

GET /query/files/qt.css HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "c800-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9892
content-type: text/css
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/sweetalert-dev.js

198.98.51.122

200 OK

32 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/sweetalert-dev.js
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
ASCII text, with very long lines (22643), with CRLF line terminators
Size
32 kB (32351 bytes)
Hash
8e7e9970ac6307ac9aa2d79e4ba1cdd8
fc9db081641d61329351fc865a5fabd75bc2d15b
842b5089be989ffed89bfaf08411e1ba8adc14cb6d91dacc9f14a6a53dec1010

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/sweetalert-dev.js HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 14:44:54 GMT
etag: "1e0c1-5e68506486580-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 32351
content-type: application/javascript
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/hamburger.svg

198.98.51.122

200 OK

293 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/hamburger.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Size
293 B (293 bytes)
Hash
9b7c44ed4f110f521a0723c72a8eb564
93880a1ac4f3db644c1cde233e1655515f0fe155
063ed60e1fad716b6c2d38c717f346301bfaee106a6e72a943527398322c9892

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/hamburger.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "222-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 293
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/logo_mobile.svg

198.98.51.122

200 OK

908 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/logo_mobile.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
908 B (908 bytes)
Hash
bd23bec0b762655a1f6245c929b8d424
640178557a946360d7a160acc1c4ea52ff313258
919beb8f1a11326db3f1464fd7b2ae92ec2061a3a7091ceeae8d8a1f5c8092ae

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/logo_mobile.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "80c-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 908
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/search.svg

198.98.51.122

200 OK

795 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/search.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
bc6bba680b71bc912c455bd5621c5720
d48c35dec62877452b6345daf910ceea514acc2f
1204068f265bc491b31eb55cd585ab507116877de4d4d5abc0e613824cbc00b0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/search.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "5b9-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 795
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/tracking.svg

198.98.51.122

200 OK

844 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/tracking.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
844 B (844 bytes)
Hash
df358064d9a3e5fdf09fb9cc04559199
fa3e1c6d16a1aa2c2a12fc7eaf39f8e84d08312c
0e984ade03c77408d3ec03bc8b027a67745a3534f37e8c55f72fd48e72289ce5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/tracking.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "619-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 844
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/mailman.svg

198.98.51.122

200 OK

904 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/mailman.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
904 B (904 bytes)
Hash
80c18361aa7dd736d5442b5086e5bf9a
30e94a82cff4154161f1d45c395b43c44da2d74c
5429d099110a77d4f8eace62000c9af90636aa326e21c98b7ec1efc33a4bc4dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/mailman.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "723-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 904
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/location.svg

198.98.51.122

200 OK

1.2 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/location.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1209 bytes)
Hash
34a7de74809276c444c11adc2ee2548a
b5bbe7d68582af73cbeed0d626204c5e77498599
e1bcd09ac1d25e2966c793dad31851895239753f917ca753a6f04d508c41b760

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/location.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "a1a-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1209
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/stamps.svg

198.98.51.122

200 OK

551 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/stamps.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
551 B (551 bytes)
Hash
473959a921d63844bfca913bdd647b86
0c3dcff1f1590f7e849a243024bbf750334f27c7
1e96b78b600d7a126ce207ba09b15fc7d139d27f3da90cdaf2cbf9c3a7c13f67

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/stamps.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "44f-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 551
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/schedule_pickup.svg

198.98.51.122

200 OK

923 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/schedule_pickup.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
923 B (923 bytes)
Hash
6e782ed8ead72b9c2b30eb8ea98187ec
6a3fa08e1d9337920d087bbc7a959b9d4d326898
933ea7499f489e16c2a30f006945636869ddc2b47bb330fb2fec0f57c44939c0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/schedule_pickup.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "6ef-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 923
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/calculate_price.svg

198.98.51.122

200 OK

772 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/calculate_price.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
772 B (772 bytes)
Hash
7da320f36dbec5db0155f8acf3c3e01f
0992c0aea45598de82500c3355a8592de1dbf1b2
f24aada878541d572bbe98fd32775e988625e502d12a0f02de7912347812ed8c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/calculate_price.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "8fe-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 772
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/logo-sb.svg

198.98.51.122

200 OK

1.6 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/logo-sb.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.6 kB (1610 bytes)
Hash
c8cd694091256e9e622db809e3604157
0876363e046c8fd1cc641a74477847bca1e3f325
4c1f2d664fb8e66307932ba589cd6a50eaed3b33a300bd1aa51ec9014ebe5f5f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/logo-sb.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "de5-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1610
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/find_zip.svg

198.98.51.122

200 OK

793 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/find_zip.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
793 B (793 bytes)
Hash
7138d9e048926785f5a7609e6af8b5ff
891564b452b04a8762af39bab5db29319b793b71
f115211fc7a8c69e069820271283f2cf84c3e071e050bbc44778d7e15b8c4e4f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/find_zip.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "5bf-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 793
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/holdmail.svg

198.98.51.122

200 OK

768 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/holdmail.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
768 B (768 bytes)
Hash
105347570302f32dbda804910de6cbd6
28bb230d50c51c108fdd3f2276d0e8fa2ca1bd82
1906c7cbea0ffb86914aaff0f63b344ce036c5fa0bdd25d7e898b24f07ee2de8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/holdmail.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "5a8-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 768
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/change_address.svg

198.98.51.122

200 OK

935 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/change_address.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
935 B (935 bytes)
Hash
8b5a8192d6d9bab07ba9363d48031e8d
9bfb0814d54c9e35c66f3b6231ab6662a2596b20
b5f023b16827792c716e84ed62f9dbe1b87bf68bf3052ab20ab82ccd4ac4b2ac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/change_address.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "74d-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 935
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/po_box.svg

198.98.51.122

200 OK

848 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/po_box.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
848 B (848 bytes)
Hash
1d88a7c92e6c58ab328fb0f274d71799
dfc51974e2f17968b8e7e86e2ac8496735fbfce1
b10c2e5eb3a7281e8bd0f21c6bcdbf8b6a593e3ec063242e98ac465d53d353ac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/po_box.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "667-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 848
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/free_boxes.svg

198.98.51.122

200 OK

643 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/free_boxes.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
643 B (643 bytes)
Hash
40b492a5e65c0654e8b162cad3795475
1d89fce0b15dfb9e85b171a98dfd7701336ec363
f95845daaef3450ec7b6d0d14a6f9125cef5552e4fae068338512924a27a76c5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/free_boxes.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "42a-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 643
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/featured_clicknship.svg

198.98.51.122

200 OK

493 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/featured_clicknship.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Size
493 B (493 bytes)
Hash
b93c4c39b88fca2acefa761a420a96e3
bf6507826fae68fd0c9bab378ebad29d32f00465
7f343f565aa96c3ae50cfd1180d0583b043e6d233326da227a0695afee85c6df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/featured_clicknship.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "436-5beb5590dfc00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 493
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/go-now(1).png

198.98.51.122

200 OK

8.0 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/go-now(1).png
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (8026 bytes)
Hash
49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99

HTTP Headers

GET /query/files/go-now(1).png HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "1f5a-5beb5590dfc00"
accept-ranges: bytes
content-length: 8026
content-type: image/png
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/go-now.png

198.98.51.122

200 OK

20 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/go-now.png
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20334 bytes)
Hash
d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289

HTTP Headers

GET /query/files/go-now.png HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "4f6e-5beb5590dfc00"
accept-ranges: bytes
content-length: 20334
content-type: image/png
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/go-now(3).png

198.98.51.122

200 OK

20 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/go-now(3).png
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19969 bytes)
Hash
6311ef7a60f86d77aa48fcc48a675a31
96bc8b2fe87b126ffbf0d7b7ad8419661cb6bd9c
70d715475fb0a4756fc65c50cbb2cf0ca15f7311efc6c54b18e045e6ab202251

HTTP Headers

GET /query/files/go-now(3).png HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "4e01-5beb5590dfc00"
accept-ranges: bytes
content-length: 19969
content-type: image/png
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/go-now(4).png

198.98.51.122

200 OK

22 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/go-now(4).png
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22133 bytes)
Hash
22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed

HTTP Headers

GET /query/files/go-now(4).png HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "5675-5beb5590dfc00"
accept-ranges: bytes
content-length: 22133
content-type: image/png
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/go-now(2).png

198.98.51.122

200 OK

27 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/go-now(2).png
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (26972 bytes)
Hash
b596424d2e958b51d7a68b46cadb6855
77eeeff212b8cd75a31beb954907e20bc5f8c831
daaeb825e97d878d0b5d5dfce37a2dd592ac0e1c5b887e24705835442d317365

HTTP Headers

GET /query/files/go-now(2).png HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 23:36:16 GMT
etag: "695c-5beb5590dfc00"
accept-ranges: bytes
content-length: 26972
content-type: image/png
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/global-elements/header/images/utility-header/mailman.svg

198.98.51.122

404 Not Found

269 B

URL HTTP/2
usit-8trty.uspiat.life/global-elements/header/images/utility-header/mailman.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
e71e01e01cb33d11172cf4dabd8c0e7a
17d4aa35dedc7f666d8e938d47f1d97a4d6de2aa
006592bd5b298584e55ab33b99f5de504106c4df7835ec221ff78ccfe3974cb6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/files/megamenu-v2.css
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 269
content-type: text/html; charset=iso-8859-1
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/global-elements/header/images/package-intercept.svg

198.98.51.122

404 Not Found

269 B

URL HTTP/2
usit-8trty.uspiat.life/global-elements/header/images/package-intercept.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
e71e01e01cb33d11172cf4dabd8c0e7a
17d4aa35dedc7f666d8e938d47f1d97a4d6de2aa
006592bd5b298584e55ab33b99f5de504106c4df7835ec221ff78ccfe3974cb6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/package-intercept.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/files/megamenu-v2.css
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 269
content-type: text/html; charset=iso-8859-1
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/global-elements/header/images/schedule-redelivery.svg

198.98.51.122

404 Not Found

269 B

URL HTTP/2
usit-8trty.uspiat.life/global-elements/header/images/schedule-redelivery.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
e71e01e01cb33d11172cf4dabd8c0e7a
17d4aa35dedc7f666d8e938d47f1d97a4d6de2aa
006592bd5b298584e55ab33b99f5de504106c4df7835ec221ff78ccfe3974cb6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/schedule-redelivery.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/files/megamenu-v2.css
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 269
content-type: text/html; charset=iso-8859-1
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/global-elements/header/images/icon-personalize-stamped-envelopes.svg

198.98.51.122

404 Not Found

269 B

URL HTTP/2
usit-8trty.uspiat.life/global-elements/header/images/icon-personalize-stamped-envelopes.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
e71e01e01cb33d11172cf4dabd8c0e7a
17d4aa35dedc7f666d8e938d47f1d97a4d6de2aa
006592bd5b298584e55ab33b99f5de504106c4df7835ec221ff78ccfe3974cb6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /global-elements/header/images/icon-personalize-stamped-envelopes.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/files/megamenu-v2.css
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 269
content-type: text/html; charset=iso-8859-1
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/images/nav-red-chevron.svg

198.98.51.122

404 Not Found

269 B

URL HTTP/2
usit-8trty.uspiat.life/query/images/nav-red-chevron.svg
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
e71e01e01cb33d11172cf4dabd8c0e7a
17d4aa35dedc7f666d8e938d47f1d97a4d6de2aa
006592bd5b298584e55ab33b99f5de504106c4df7835ec221ff78ccfe3974cb6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/images/nav-red-chevron.svg HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/files/main.css
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 269
content-type: text/html; charset=iso-8859-1
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/footer-logo.png

198.98.51.122

200 OK

5.4 kB

URL HTTP/2
usit-8trty.uspiat.life/query/files/footer-logo.png
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
PNG image data, 221 x 27, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5390 bytes)
Hash
ccd62119eaa0e3697f60599487c51ad5
8e44d3123b4ce2005c76a2b8dcf7870058d2a82d
1cc43a97be92fddf0fe4244858f5337c80a8d350cd0afcd0c4d2004d3fded0ab

HTTP Headers

GET /query/files/footer-logo.png HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/files/footer-sb.css
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 15:08:14 GMT
etag: "150e-5e5e46affb380"
accept-ranges: bytes
content-length: 5390
content-type: image/png
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/schedule_pickup.svg

192.229.221.165

200 OK

923 B

URL HTTP/2
www.usps.com/assets/images/home/schedule_pickup.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
923 B (923 bytes)
Hash
9f9e044f92360c82183e3a31b774e7b2
273798ee8d4dead89367b835cdb7f65f51e81b47
e4b7ae480aae11558a890826cde2cc6fa10039a787052dfc72cdad3e7a772373

HTTP Headers

GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27633
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "6ef-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/732F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 923
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/tracking.svg

192.229.221.165

200 OK

844 B

URL HTTP/2
www.usps.com/assets/images/home/tracking.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
844 B (844 bytes)
Hash
04034bbe69ef912819cee070ff866703
2c96d71004568c2b460a7f8b796ae45ad89999ec
959755a6f38fb278acd6abb223db552ecf757c291f437149663009aafb83a181

HTTP Headers

GET /assets/images/home/tracking.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 43946
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "619-5494e7f71e280+gzip"
last-modified: Fri, 24 Feb 2017 22:46:18 GMT
server: ECAcc (dcb/7E95)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 844
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/change_address.svg

192.229.221.165

200 OK

935 B

URL HTTP/2
www.usps.com/assets/images/home/change_address.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
935 B (935 bytes)
Hash
6c6d11d6d4ad880538ac8b3c9b244e35
d2f5a684574f89a8bdac4ac35508dc29c61e9771
7d2bde4b550c48e86e4d1c6a106d195b5a259f74e2ceeab0772712d356ae7eb9

HTTP Headers

GET /assets/images/home/change_address.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27728
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "74d-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/733A)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 935
X-Firefox-Spdy: h2

tools.usps.com/global-elements/header/images/utility-header/mailman.svg

192.229.221.165

200 OK

904 B

URL HTTP/2
tools.usps.com/global-elements/header/images/utility-header/mailman.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
904 B (904 bytes)
Hash
e4bb1afb6143cb1307585f007399e0e4
7d28cd35cbdb8427d4a12274c3f455e57f4742e0
06410c31087cff92e7842a2e6aaef3b5b114192f77e2b652283250fdca6d5e30

HTTP Headers

GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
age: 10568
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "723-55885af730a40+gzip"
last-modified: Wed, 06 Sep 2017 13:54:41 GMT
server: ECAcc (dcb/7311)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 904
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/stamps.svg

192.229.221.165

200 OK

551 B

URL HTTP/2
www.usps.com/assets/images/home/stamps.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
551 B (551 bytes)
Hash
780aa534eb1541ac0834489beafdeea2
2593cddb6c1b7505016d3c1138e16ff556e42166
c2a1858fe0517c4c928dad150f22710f1771c1b43b92b79ceb0b20e44db61ee8

HTTP Headers

GET /assets/images/home/stamps.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1464
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "44f-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7EC4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 551
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/shipping-supplies.svg

192.229.221.165

200 OK

1.3 kB

URL HTTP/2
www.usps.com/test/nav/images/shipping-supplies.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.3 kB (1282 bytes)
Hash
7a8b39b328ba3e776e643f66844896e8
7a400d0f33c592651da919c728a30e46207a9449
05140d52bba76b4464360b852c3b78227cc2865c4512bf0010ee666f0c985f99

HTTP Headers

GET /test/nav/images/shipping-supplies.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27261
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "9f8-560f10eaa9b40+gzip"
last-modified: Fri, 22 Dec 2017 17:22:13 GMT
server: ECAcc (dcb/731F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1282
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/utility_customer_service.png

192.229.221.165

200 OK

1.3 kB

URL HTTP/2
www.usps.com/assets/images/home/utility_customer_service.png
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1307 bytes)
Hash
3500d365cd94527c71fe9c70d5cda435
0c7bede628d74cefaf5fce1b675c0ce3c72c78c9
34b28a24c5414dab68a15be6613536d905faf33fbf1aed8ee4702caa60be9bca

HTTP Headers

GET /assets/images/home/utility_customer_service.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 27172
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "51b-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7EB6)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1307
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/search.svg

192.229.221.165

200 OK

795 B

URL HTTP/2
www.usps.com/assets/images/home/search.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
ccfe748c6040d78e356b03d1a731585e
3e15bb471b3c3d0a5cebc3ccd137b5daf9273b7e
9a1b75fecaa2e0de127c36ddbb63c1bc2c44b3f81eed395734dee1ce837162fe

HTTP Headers

GET /assets/images/home/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27069
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "5b9-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7F4B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/find_zip.svg

192.229.221.165

200 OK

793 B

URL HTTP/2
www.usps.com/assets/images/home/find_zip.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
793 B (793 bytes)
Hash
4b74917936300819402d564909e39a34
82c09f9b1fa78724d4843b28f12c52e8bb218f2a
d7178ea719cbe6f11c5da374dc26908b1ad0d05d34a33cd6e6d701f5e05c209b

HTTP Headers

GET /assets/images/home/find_zip.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27068
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "5bf-5494e7ed94c00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:08 GMT
server: ECAcc (dcb/7ECC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 793
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/holdmail.svg

192.229.221.165

200 OK

768 B

URL HTTP/2
www.usps.com/assets/images/home/holdmail.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
768 B (768 bytes)
Hash
2f40bbb9da0d97f2ba3f3efcfd7533af
34c76f88cdda4be234b58a76e466bc7a972f14ea
f1d176e77951f74582e7e311d99f98f7ce582bdb30051987f257eb3393ee2069

HTTP Headers

GET /assets/images/home/holdmail.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27730
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "5a8-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7EFC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 768
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/gifts.svg

192.229.221.165

200 OK

590 B

URL HTTP/2
www.usps.com/test/nav/images/gifts.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
590 B (590 bytes)
Hash
e97f9908f9eef2a76ea4f48e00196980
f32d5a4b791567c690ea7095d93bec78e422db40
ad60c73a39b0fcd4b311654aab6f3954edb03f37034ad5567cf9f69d63d905f4

HTTP Headers

GET /test/nav/images/gifts.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27337
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "3ee-560f10e9b5900+gzip"
last-modified: Fri, 22 Dec 2017 17:22:12 GMT
server: ECAcc (dcb/7378)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 590
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/business.svg

192.229.221.165

200 OK

689 B

URL HTTP/2
www.usps.com/test/nav/images/business.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
689 B (689 bytes)
Hash
3b81ef43fc5b08bab4155c5fed116dc9
a5a804fb2f8f51b3e588d4edb01752eba0380f8d
a513b0f2fb200e9cf7b30ccfbde98f79e87a027c256d99f3159ad22dcb5cc4cb

HTTP Headers

GET /test/nav/images/business.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27674
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "4d2-560f10e7cd480+gzip"
last-modified: Fri, 22 Dec 2017 17:22:10 GMT
server: ECAcc (dcb/7FBE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 689
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/location.svg

192.229.221.165

200 OK

1.2 kB

URL HTTP/2
www.usps.com/assets/images/home/location.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1209 bytes)
Hash
9d8433f178d5a7b839a8bf25552c62b0
c21cec68e524862992f4aa51bf6955b953a65112
d01cb5a23f9b7f4a0a3db27cfd3d90e3813e75ed498fdbabe4df3a859390bd4f

HTTP Headers

GET /assets/images/home/location.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27256
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "a1a-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7F25)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1209
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/po_box.svg

192.229.221.165

200 OK

848 B

URL HTTP/2
www.usps.com/assets/images/home/po_box.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
848 B (848 bytes)
Hash
a1feed192f3aca7fd02c00b6ee45bb07
fce52b953f90a873186cd2c3ddb26dcca41884be
88dcd2a8a6b055bf63763c0a86338f33b09a257c89e26a5ae6a364becf1ac122

HTTP Headers

GET /assets/images/home/po_box.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27677
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "667-5494e7f259740+gzip"
last-modified: Fri, 24 Feb 2017 22:46:13 GMT
server: ECAcc (dcb/7FD5)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 848
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/utility_languages.png

192.229.221.165

200 OK

1.5 kB

URL HTTP/2
www.usps.com/assets/images/home/utility_languages.png
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1456 bytes)
Hash
410956805d5701e87299cff412827e1a
5de9a390649dfc12e3d6df431140d499ad8abd67
6e727dbf5b0f4a3ec76762e445ad2c5cb750f7de41afb8b0342f903124d09826

HTTP Headers

GET /assets/images/home/utility_languages.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 27503
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "5b0-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7E8E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1456
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/cards-and-envelopes.svg

192.229.221.165

200 OK

1.1 kB

URL HTTP/2
www.usps.com/test/nav/images/cards-and-envelopes.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1056 bytes)
Hash
5d63c3636efb2bbcb327ed13b714367b
c7e326811c101213173c2a585d1e9700731816ed
c63dd4b3239df8b0709202228ad62b9e06ec96c346d8f86f9e33a554973b795f

HTTP Headers

GET /test/nav/images/cards-and-envelopes.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 75943
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "8a9-560f10e8c16c0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:11 GMT
server: ECAcc (dcb/7F6F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1056
X-Firefox-Spdy: h2

www.usps.com/global-elements/header/images/utility-header/search.svg

192.229.221.165

200 OK

795 B

URL HTTP/2
www.usps.com/global-elements/header/images/utility-header/search.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
78562ea313af96eca6581054fdbbc76c
b0f3fd320af131b3787b39c864ecac52de12a75e
7932a41ccc861366f60896fe808612a1361c85d654aef21c5d54f7673141c0a9

HTTP Headers

GET /global-elements/header/images/utility-header/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27057
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "5b9-549b126599f40+gzip"
last-modified: Wed, 01 Mar 2017 20:28:05 GMT
server: ECAcc (dcb/7ECE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/collectors.svg

192.229.221.165

200 OK

561 B

URL HTTP/2
www.usps.com/test/nav/images/collectors.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
561 B (561 bytes)
Hash
8439e88bd2e43656b157f9c184635032
ddcb40776177a5eac36973e53f2f8bab73e65ea3
5ea3f924c3453a9b8a3f79251377f385f83c8cf9618129427795adf186b9338e

HTTP Headers

GET /test/nav/images/collectors.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27647
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "461-560f10f803ac0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:27 GMT
server: ECAcc (dcb/7FEB)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 561
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/calculate_price.svg

192.229.221.165

200 OK

772 B

URL HTTP/2
www.usps.com/assets/images/home/calculate_price.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
772 B (772 bytes)
Hash
42af7d5484bf8f80ac930313caa5941f
c3dbaf338d7fa81845487333c0cba5b8341bd140
f8f9b52e8d7b815deba988cfcdc6596e9e7b6671075907290c8e96679b18fb2c

HTTP Headers

GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27698
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/7304)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/featured_clicknship.svg

192.229.221.165

200 OK

493 B

URL HTTP/2
www.usps.com/assets/images/home/featured_clicknship.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Size
493 B (493 bytes)
Hash
efb53558ef3932a80523af92bdda2085
1a97f57d64bc76f296423e1ddbdba9bc71b6d754
f0a25ce9d4e04e6b12bfc528584d599d5e472238849b0e1c66ff5357058d38fe

HTTP Headers

GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27782
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 17 Sep 2022 08:51:29 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dcb/7F6B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 08:51:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 08:51:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 08:51:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 08:51:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 08:51:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5234 bytes)
Hash
9c807387d303abb2bca1ef14b14c9e26
428fe80d3f35758433a6b2cf25e6bcb5f63a6a63
277a74204dc8bec8a227ca43cdb840b5dda71f74e8aec56606e862e70a5ba19c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5234
x-amzn-requestid: 55e23e9a-f85c-42f2-87b6-aff3646bf1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yknn_EFzoAMF2Ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec99-62f023426230c7b46116d4b7;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:37:29 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fb2wN0gTI9OKgDghf1u4DKwrADkYcS5_7LIxaLxmbo0OciwezGh_LA==
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:37:55 GMT
age: 40414
etag: "428fe80d3f35758433a6b2cf25e6bcb5f63a6a63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50373a4c-fa87-4ca5-b0b7-67ee2f12abd1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7305 bytes)
Hash
f108cfb79dd8405677b7406910d11ba5
5ef30af418df5e44a0927361b679b8117c38c473
b4b973702c6c98eaf28345b019c8cf022e8056e07f508e17d156c9e136f11936

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50373a4c-fa87-4ca5-b0b7-67ee2f12abd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7305
x-amzn-requestid: 15096102-8ffe-47df-bfc7-ff1a1fb9fd1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUqFJmIAMF5Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-5c5ca26a24f39af979c17495;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5lUx834-NLHpKCxmdiAdNxCXqqNKGcDJlt9wmGR-XxdlroBfwVTrNg==
via: 1.1 e943d5f0cbb0d255d29da0ddf6639ba8.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:37:47 GMT
age: 40422
etag: "5ef30af418df5e44a0927361b679b8117c38c473"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7788 bytes)
Hash
7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4-H_LbXRjS1PJkVz9OIhwsaPfu8ZlL98zTZG--hdmij9Tc6KtmNSFQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:51:13 GMT
age: 39616
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77aee3f-a7fb-4d87-92a7-6b33dd4ebf28.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5983 bytes)
Hash
e1b42bfa9fc6593b0444391dc260329a
b9c4cd422b818c859ac6ca928bc9e932a578ce30
89eee7200bf7a8bf100f64aee2208d7852265a85feb133fc87846b15cd96e842

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77aee3f-a7fb-4d87-92a7-6b33dd4ebf28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5983
x-amzn-requestid: ba84a9a2-3ebe-4dc9-9604-98d5cccb4f2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUqFxpoAMFrpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-55cd6d0a6e39357c226dd21d;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J2fbb_t40ioxBvoRAT28rW4ujQw-qpPX3mMN97GBdEK_D8_oDz2g4g==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:51:07 GMT
age: 39622
etag: "b9c4cd422b818c859ac6ca928bc9e932a578ce30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c803e59-63c3-4e74-a1ca-aaec9595bd14.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8040 bytes)
Hash
0984a7e1c9a432a1a32229f3b9bc1943
ba2d9b518884badb5ee3bb2f4cb276248e1a6a40
59a35c20b8674348e31e50a6a0f9480674511d087c1e2236763081cd92a4efef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c803e59-63c3-4e74-a1ca-aaec9595bd14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8040
x-amzn-requestid: 59b050c8-b421-4db2-9d1b-ff3ced1be160
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknnoEY0IAMF_4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec97-2ab560e61030d9727d1db5b7;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yYiP7FSxpVbW5VZDvz73rnpf-H3QXqb08wVVaC1GstmdrOJRaeWriw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:37:27 GMT
age: 40442
etag: "ba2d9b518884badb5ee3bb2f4cb276248e1a6a40"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
d46a910081eb782408f1a2fa3c6aabba
28ac45ef155c66dd79a306f14d3b38f597b6a32e
d5787a6a12d275555c627e3245b37d4e751148345a09d5671b343cfebe7173b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: e1ca6cef-c033-4887-80cf-2014ab8e620c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ykn5cEnLIAMFrzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ed09-3afc16cf66fef0e62dd6f3cc;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:39:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pPCI5VDX3PIldEnkLv-VNCFWuykiarYQdLYguNTfmbwxYCDVaS2EcA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:01:45 GMT
age: 38984
etag: "28ac45ef155c66dd79a306f14d3b38f597b6a32e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/favicon.ico

198.98.51.122

404 Not Found

269 B

URL HTTP/2
usit-8trty.uspiat.life/favicon.ico
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
e71e01e01cb33d11172cf4dabd8c0e7a
17d4aa35dedc7f666d8e938d47f1d97a4d6de2aa
006592bd5b298584e55ab33b99f5de504106c4df7835ec221ff78ccfe3974cb6

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-length: 269
content-type: text/html; charset=iso-8859-1
date: Sat, 17 Sep 2022 08:51:29 GMT
server: Apache
X-Firefox-Spdy: h2

usit-8trty.uspiat.life/query/files/jquery.js

198.98.51.122

200 OK

0 B

URL HTTP/2
usit-8trty.uspiat.life/query/files/jquery.js
IP
198.98.51.122:0
ASN
#53667 PONYNET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /query/files/jquery.js HTTP/1.1
Host: usit-8trty.uspiat.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usit-8trty.uspiat.life/query/express.php
Cookie: PHPSESSID=urk01tln8chnd1bg3u0gmnfvh2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 14:27:20 GMT
etag: "15339-5e684c775a200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30248
content-type: application/javascript
date: Sat, 17 Sep 2022 08:51:28 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations