r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11270
Expires: Wed, 30 Nov 2022 13:12:00 GMT
Date: Wed, 30 Nov 2022 10:04:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8465
Expires: Wed, 30 Nov 2022 12:25:15 GMT
Date: Wed, 30 Nov 2022 10:04:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 790
Cache-Control: max-age=88811
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:04:10 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 10:44:21 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /bymtoG10OjeroF4kNyZyrnWFQx82ejEmMJqMldKIZsLmOGbX1aMT8Ni27go9AVZz4uIR+BxYRo=
x-amz-request-id: T99XMM6QM9Q4G1A5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 09:45:11 GMT
age: 1139
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 09:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2669
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 10:04:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.uspsqpp.top/us/post.php
204.44.92.96301 Moved Permanently 308 B URL HTTP/1.1 www.uspsqpp.top/us/post.php
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e9c1501aa4895f040a6a14e6c53ddbb0
8f589dff57b701d4fd99a0419d4d7acfb4fe72ba
992256b0762b136507697fcc3824b8981390e2d475b9d03e91470ca43ada09c8
Analyzer Verdict Alert openphish United States Postal Service
fortinet Malware
quad9 Sinkholed
GET /us/post.php HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 10:04:10 GMT
Server: Apache
Location: https://www.uspsqpp.top/us/post.php
Content-Length: 308
Connection: close
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 09:11:14 GMT
cache-control: public,max-age=3600
age: 3176
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 790
Cache-Control: max-age=170151
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:04:10 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:20:01 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13dc7c21cdea6ebbe7eba65e5f2d9d9d
18ef455870182ebe1cae1f5ca19d3f7a29bcf3bb
67d37ff262d2a37dff8e8e19eba4c0c6da2bbd86f31c6fb6581e8955c1ff5fb2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67D37FF262D2A37DFF8E8E19EBA4C0C6DA2BBD86F31C6FB6581E8955C1FF5FB2"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Wed, 30 Nov 2022 16:03:36 GMT
Date: Wed, 30 Nov 2022 10:04:11 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Hyq+fI/dc5zV8izl1ezsZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iXr05OeY+/NZiP91mINFWx03IX0=
www.uspsqpp.top/us/files/base64.js
204.44.92.96200 OK 2.3 kB URL HTTP/2 www.uspsqpp.top/us/files/base64.js
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (362)
Hash 03fc3b2a7e0c63ae02632e3b02157ab3
da817fb63f07aa5728fd937f276ec97bb13a2ccd
eb50c63cbff6840583e19c8fcc1d83736a001fe4975a238004a48436dbb7a7fa
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /us/files/base64.js HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "1dd9-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2349
content-type: application/javascript
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/rc4.js
204.44.92.96200 OK 1.1 kB URL HTTP/2 www.uspsqpp.top/us/files/rc4.js
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
Hash 34fd44094f043ca765f45baa151304d1
24270e31991c5a6b82af710443a91c80fb813e75
39f46e4d0f244984e788c81e5d544e72eaf5da8c04c4172d7b271ab4bf726118
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /us/files/rc4.js HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "df1-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1122
content-type: application/javascript
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/crypto-js.js
204.44.92.96200 OK 32 kB URL HTTP/2 www.uspsqpp.top/us/files/crypto-js.js
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
Hash eb520a35261de89c18a4c28b2056291e
125e35f46d70837953c9243b07017225f12268b0
331c0b5a9a20dc6a486a54dfe108770a238584e7ac88ea77fdc2cebb5c161426
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /us/files/crypto-js.js HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "305e2-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 31898
content-type: application/javascript
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/footer.css
204.44.92.96200 OK 974 B URL HTTP/2 www.uspsqpp.top/us/files/footer.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (2933), with no line terminators
Hash b611fdf100b35a33f41b3ce5481140ea
6a1dbe40f2e5794b049429f90704e654202e9c6a
7d9057f5e50850fcf2328dc405d8ee26149524f4afcbaf419f83e0b3e7aa52a9
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/footer.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "b75-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 974
content-type: text/css
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/calendar.css
204.44.92.96200 OK 2.6 kB URL HTTP/2 www.uspsqpp.top/us/files/calendar.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (14589), with no line terminators
Hash 08db95a016165b8d14a144668b7e064a
92d6357bc5733087226e84420a95a6d40f9662e1
25afbe8a97386e1a035d5f7110657ba82542d0674d774639a9a43876512680a8
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/calendar.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "38fd-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2579
content-type: text/css
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/post.php
204.44.92.96200 OK 107 kB URL HTTP/2 www.uspsqpp.top/us/post.php
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Size 107 kB (106821 bytes)
Hash f3a2e26eaf6be78816e356780f4ba100
6e5de9149ce60bbc33259e5565dacf37a92e9ca2
bcfbe864f571c07de01724d22215073205566eb7c12c850148d44c66796b55ce
Analyzer Verdict Alert openphish United States Postal Service
fortinet Malware
quad9 Sinkholed
GET /us/post.php HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f; path=/
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/bootstrap.min.css
204.44.92.96200 OK 20 kB URL HTTP/2 www.uspsqpp.top/us/files/bootstrap.min.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (65371)
Hash ff866d37a12705c2ef496e8b9f4c517c
20ca7fa9f3fc1922460cb27aefdde2f5310df05d
bc1f26dc4f463aca5a197e7dbbca884c4217278092f93a92e8472bbf627d8d58
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/bootstrap.min.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "1d903-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 19694
content-type: text/css
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/main.css
204.44.92.96200 OK 13 kB URL HTTP/2 www.uspsqpp.top/us/files/main.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (547)
Hash 4e0db316a92eed7892f16d859a934ca3
84b349363f92147e35792f825ac529882d323cf6
ea9d5facdbda74089c02125f69f144e4f42a54d5d25597dd8565adea303fd454
Analyzer Verdict Alert quad9 Sinkholed
GET /us/files/main.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "15df7-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12604
content-type: text/css
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/tracking-cross-sell.css
204.44.92.96200 OK 1.0 kB URL HTTP/2 www.uspsqpp.top/us/files/tracking-cross-sell.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (3075), with no line terminators
Hash 797100b379ef4b459b884be14bbb6e4f
0683d9a3ead422cbf0e163d0ae0d61e51d6f1236
bbf22e1882686844926ae028f381e94def083d8b511f80edc3cfb5d8ccfa781f
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/tracking-cross-sell.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "c03-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1048
content-type: text/css
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/jquery-ui.min.css
204.44.92.96200 OK 7.9 kB URL HTTP/2 www.uspsqpp.top/us/files/jquery-ui.min.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (29153), with CRLF line terminators
Hash 770266d7d40da4ad1a7b171b6d167346
f8893a9442af6605400881396fe06f56c93bd23f
b74ed12758ecf80f0ee74d841fbe5beabec873ab3b66e98bfd893983fb0eee96
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/jquery-ui.min.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "7d19-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7869
content-type: text/css
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/schedule-redelivery.css
204.44.92.96200 OK 4.7 kB URL HTTP/2 www.uspsqpp.top/us/files/schedule-redelivery.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (23038), with no line terminators
Hash 7083e43ac731afa1f12fc1ccd3c73041
338ebbbf9236f1f96ee0bf5e6d7a09a2b6ba7c37
0904b54d0a25d43cc0e642c3e8a265ec388db2684af6f28c28cfcc6fa7f037c1
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/schedule-redelivery.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "59fe-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4697
content-type: text/css
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/css/sweetalert.css
204.44.92.96200 OK 3.7 kB URL HTTP/2 www.uspsqpp.top/us/css/sweetalert.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with CRLF line terminators
Hash 19d5f573a32b57a9b7247c6e14dcae0a
ae20837523f9602ba37db6aa83e0f0dbdb83a1d2
5a25c1cbb4314a1d10a60c6b3c9e82afe43ded0dd0dcbd26db7e5d30841bb68a
Analyzer Verdict Alert quad9 Sinkholed
GET /us/css/sweetalert.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "5d01-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3740
content-type: text/css
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/trackingCode.js
204.44.92.96200 OK 448 B URL HTTP/2 www.uspsqpp.top/us/files/trackingCode.js
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (650), with no line terminators
Hash 64b216ab423a2e5a454ae6669e38214b
4b1d2d7b9ac10e274fcecb76cffbb43b7971d912
b357c6e2a71641bd72c5f0a7e78682592f4959162ed28e07097eded9be92fd50
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/trackingCode.js HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "28a-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 448
content-type: application/javascript
date: Wed, 30 Nov 2022 10:04:11 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 10ddcf4cb8170774a4452c8320186178
9a61a3135632da15e2e5a39901562d96f0086dc4
a26a6163085400e8ce33b5e5b710329db643dcdcbd292caf06e73b92e33d8646
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 254
Cache-Control: max-age=123170
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:04:12 GMT
Etag: "638667c0-116"
Expires: Thu, 01 Dec 2022 20:17:02 GMT
Last-Modified: Tue, 29 Nov 2022 20:12:48 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
fast.fonts.net/t/1.css?apiType=css&projectid=undefined
104.17.224.78200 OK 0 B URL HTTP/2 fast.fonts.net/t/1.css?apiType=css&projectid=undefined
IP 104.17.224.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/1.css?apiType=css&projectid=undefined HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 10:04:12 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: MY0omUKLWb1Hg1TiGNkECj5rmYhrpMOOXyXLfCal35dfHOxQwXtOkHR38J7VygOtrmgZ2VCOxAg=
x-amz-request-id: VPCSRNPT0SC53J86
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 358953
accept-ranges: bytes
set-cookie: __cf_bm=CPZmp_gJF5F.UyeuTKC68bq_vsEoD8aUs6Rs72T8FP0-1669802652-0-Ac4V8i48tyEbxvfcjY2LCf5et4LOpkCh8AuF74Jg6QNUzGe4EjHnPPa/4fkwThwEHb14oSsuuXTgrZdhPRRjmAw=; path=/; expires=Wed, 30-Nov-22 10:34:12 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7722c1f04e91b4f7-OSL
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/footer-sb.css
204.44.92.96200 OK 956 B URL HTTP/2 www.uspsqpp.top/us/files/footer-sb.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (3161), with CRLF line terminators
Hash 11e2d3c7770d3eac11107b68d09fe244
8777df60d38ac3d2cebcb0725fff8e5877ea58bc
e0bd2bd0e11820f7ca8e5686b77b66b3bd8270deab2fcb5f5e3ceedf766be2f4
Analyzer Verdict Alert quad9 Sinkholed
GET /us/files/footer-sb.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "c5b-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 956
content-type: text/css
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/main-sb.css
204.44.92.96200 OK 2.0 kB URL HTTP/2 www.uspsqpp.top/us/files/main-sb.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (646)
Hash ce586c65fd90600c41e5cbfc56ab828d
09f02c4210fbe00d285525e12cf745059dd314f7
6c241c29c79296e340658c842d66339171f704cf39b58acb359de71a95b31b4f
Analyzer Verdict Alert quad9 Sinkholed
GET /us/files/main-sb.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "19e2-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2046
content-type: text/css
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/megamenu-v2.css
204.44.92.96200 OK 6.9 kB URL HTTP/2 www.uspsqpp.top/us/files/megamenu-v2.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (44725), with no line terminators
Hash cdb0b5a380d76f89923182936ea8add4
3953994e68f4d835d930763240beeb62f6f55ab3
0a0198fb984febee0fa81c24e6de5b11439e27dc87428c647213f7d505da1174
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/megamenu-v2.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "aeb5-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6934
content-type: text/css
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/stamps.svg
204.44.92.96200 OK 551 B URL HTTP/2 www.uspsqpp.top/us/files/stamps.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 473959a921d63844bfca913bdd647b86
0c3dcff1f1590f7e849a243024bbf750334f27c7
1e96b78b600d7a126ce207ba09b15fc7d139d27f3da90cdaf2cbf9c3a7c13f67
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/stamps.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "44f-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 551
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/tracking.svg
204.44.92.96200 OK 844 B URL HTTP/2 www.uspsqpp.top/us/files/tracking.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash df358064d9a3e5fdf09fb9cc04559199
fa3e1c6d16a1aa2c2a12fc7eaf39f8e84d08312c
0e984ade03c77408d3ec03bc8b027a67745a3534f37e8c55f72fd48e72289ce5
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/tracking.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "619-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 844
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/hamburger.svg
204.44.92.96200 OK 293 B URL HTTP/2 www.uspsqpp.top/us/files/hamburger.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash 9b7c44ed4f110f521a0723c72a8eb564
93880a1ac4f3db644c1cde233e1655515f0fe155
063ed60e1fad716b6c2d38c717f346301bfaee106a6e72a943527398322c9892
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/hamburger.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "222-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 293
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/po_box.svg
204.44.92.96200 OK 848 B URL HTTP/2 www.uspsqpp.top/us/files/po_box.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 1d88a7c92e6c58ab328fb0f274d71799
dfc51974e2f17968b8e7e86e2ac8496735fbfce1
b10c2e5eb3a7281e8bd0f21c6bcdbf8b6a593e3ec063242e98ac465d53d353ac
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/po_box.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "667-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 848
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/holdmail.svg
204.44.92.96200 OK 768 B URL HTTP/2 www.uspsqpp.top/us/files/holdmail.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 105347570302f32dbda804910de6cbd6
28bb230d50c51c108fdd3f2276d0e8fa2ca1bd82
1906c7cbea0ffb86914aaff0f63b344ce036c5fa0bdd25d7e898b24f07ee2de8
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/holdmail.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "5a8-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 768
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/calculate_price.svg
204.44.92.96200 OK 772 B URL HTTP/2 www.uspsqpp.top/us/files/calculate_price.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7da320f36dbec5db0155f8acf3c3e01f
0992c0aea45598de82500c3355a8592de1dbf1b2
f24aada878541d572bbe98fd32775e988625e502d12a0f02de7912347812ed8c
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/calculate_price.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "8fe-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 772
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/change_address.svg
204.44.92.96200 OK 935 B URL HTTP/2 www.uspsqpp.top/us/files/change_address.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8b5a8192d6d9bab07ba9363d48031e8d
9bfb0814d54c9e35c66f3b6231ab6662a2596b20
b5f023b16827792c716e84ed62f9dbe1b87bf68bf3052ab20ab82ccd4ac4b2ac
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/change_address.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "74d-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 935
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/schedule_pickup.svg
204.44.92.96200 OK 923 B URL HTTP/2 www.uspsqpp.top/us/files/schedule_pickup.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6e782ed8ead72b9c2b30eb8ea98187ec
6a3fa08e1d9337920d087bbc7a959b9d4d326898
933ea7499f489e16c2a30f006945636869ddc2b47bb330fb2fec0f57c44939c0
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/schedule_pickup.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "6ef-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 923
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/logo-sb.svg
204.44.92.96200 OK 1.6 kB URL HTTP/2 www.uspsqpp.top/us/files/logo-sb.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c8cd694091256e9e622db809e3604157
0876363e046c8fd1cc641a74477847bca1e3f325
4c1f2d664fb8e66307932ba589cd6a50eaed3b33a300bd1aa51ec9014ebe5f5f
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/logo-sb.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "de5-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1610
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/mailman.svg
204.44.92.96200 OK 904 B URL HTTP/2 www.uspsqpp.top/us/files/mailman.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 80c18361aa7dd736d5442b5086e5bf9a
30e94a82cff4154161f1d45c395b43c44da2d74c
5429d099110a77d4f8eace62000c9af90636aa326e21c98b7ec1efc33a4bc4dc
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/mailman.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "723-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 904
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/go-now(1).png
204.44.92.96200 OK 8.0 kB URL HTTP/2 www.uspsqpp.top/us/files/go-now(1).png
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/go-now(1).png HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "1f5a-5e9408db23b00"
accept-ranges: bytes
content-length: 8026
content-type: image/png
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/go-now(3).png
204.44.92.96200 OK 20 kB URL HTTP/2 www.uspsqpp.top/us/files/go-now(3).png
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 6311ef7a60f86d77aa48fcc48a675a31
96bc8b2fe87b126ffbf0d7b7ad8419661cb6bd9c
70d715475fb0a4756fc65c50cbb2cf0ca15f7311efc6c54b18e045e6ab202251
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/go-now(3).png HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "4e01-5e9408db23b00"
accept-ranges: bytes
content-length: 19969
content-type: image/png
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/go-now.png
204.44.92.96200 OK 20 kB URL HTTP/2 www.uspsqpp.top/us/files/go-now.png
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Hash d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/go-now.png HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "4f6e-5e9408db23b00"
accept-ranges: bytes
content-length: 20334
content-type: image/png
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/search.svg
204.44.92.96200 OK 795 B URL HTTP/2 www.uspsqpp.top/us/files/search.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bc6bba680b71bc912c455bd5621c5720
d48c35dec62877452b6345daf910ceea514acc2f
1204068f265bc491b31eb55cd585ab507116877de4d4d5abc0e613824cbc00b0
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/search.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "5b9-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 795
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/find_zip.svg
204.44.92.96200 OK 793 B URL HTTP/2 www.uspsqpp.top/us/files/find_zip.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7138d9e048926785f5a7609e6af8b5ff
891564b452b04a8762af39bab5db29319b793b71
f115211fc7a8c69e069820271283f2cf84c3e071e050bbc44778d7e15b8c4e4f
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/find_zip.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "5bf-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 793
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/go-now(4).png
204.44.92.96200 OK 22 kB URL HTTP/2 www.uspsqpp.top/us/files/go-now(4).png
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/go-now(4).png HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "5675-5e9408db23b00"
accept-ranges: bytes
content-length: 22133
content-type: image/png
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/go-now(2).png
204.44.92.96200 OK 27 kB URL HTTP/2 www.uspsqpp.top/us/files/go-now(2).png
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash b596424d2e958b51d7a68b46cadb6855
77eeeff212b8cd75a31beb954907e20bc5f8c831
daaeb825e97d878d0b5d5dfce37a2dd592ac0e1c5b887e24705835442d317365
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/go-now(2).png HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "695c-5e9408db23b00"
accept-ranges: bytes
content-length: 26972
content-type: image/png
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/location.svg
204.44.92.96200 OK 1.2 kB URL HTTP/2 www.uspsqpp.top/us/files/location.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 34a7de74809276c444c11adc2ee2548a
b5bbe7d68582af73cbeed0d626204c5e77498599
e1bcd09ac1d25e2966c793dad31851895239753f917ca753a6f04d508c41b760
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/location.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "a1a-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1209
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/logo_mobile.svg
204.44.92.96200 OK 908 B URL HTTP/2 www.uspsqpp.top/us/files/logo_mobile.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bd23bec0b762655a1f6245c929b8d424
640178557a946360d7a160acc1c4ea52ff313258
919beb8f1a11326db3f1464fd7b2ae92ec2061a3a7091ceeae8d8a1f5c8092ae
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/logo_mobile.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "80c-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 908
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/featured_clicknship.svg
204.44.92.96200 OK 493 B URL HTTP/2 www.uspsqpp.top/us/files/featured_clicknship.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Hash b93c4c39b88fca2acefa761a420a96e3
bf6507826fae68fd0c9bab378ebad29d32f00465
7f343f565aa96c3ae50cfd1180d0583b043e6d233326da227a0695afee85c6df
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/featured_clicknship.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "436-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 493
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/free_boxes.svg
204.44.92.96200 OK 643 B URL HTTP/2 www.uspsqpp.top/us/files/free_boxes.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 40b492a5e65c0654e8b162cad3795475
1d89fce0b15dfb9e85b171a98dfd7701336ec363
f95845daaef3450ec7b6d0d14a6f9125cef5552e4fae068338512924a27a76c5
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/free_boxes.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "42a-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 643
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/qt.css
204.44.92.96200 OK 9.9 kB URL HTTP/2 www.uspsqpp.top/us/files/qt.css
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1599), with CRLF, LF line terminators
Hash 40636c462b3bc2beeb47c86f213195ac
395b688df1c66e016de38a90c6c6788252a43e42
f2f5c174a5d60bfe58fb362bb86f8691fb6ffb977a8248bd24aef980165cccb9
Analyzer Verdict Alert urlquery Phishing - US Postal Service
quad9 Sinkholed
GET /us/files/qt.css HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "c800-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9892
content-type: text/css
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7847
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:04:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7847
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:04:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7847
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:04:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7847
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:04:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 44081
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33ee67e62c49fc8d51f18df313002aac
3d8c927b6945d880f92d4e7a686cad5a9985e8ad
ba6e66e07cd93219926927fd2b468a92b8d02cc9bf1da0b3b9a3c48da160bbdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9670
x-amzn-requestid: d9a529ac-9dc6-4e12-80c5-3250dc97e7bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcFiAoAMF0nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-116ddf09265d51523c3638b3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5BnByLndiK0korBr44MDgK6sgRBPooy2LE_2NjVIQhiTfmAdLupnZw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:34 GMT
age: 44078
etag: "3d8c927b6945d880f92d4e7a686cad5a9985e8ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ceb8e975fb408de32c43f55febaa6414
453067f6ab356aa87a3ad3b56e33545376597852
e0ecbb6052b4fef75f58da8dae589c81ab9ec9d304de08f26c144a2c3ce9eaac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3719
x-amzn-requestid: 6fab3454-fedd-4a1e-ae47-468ddd6233bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaGQ4IAMFUkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-4b313cf054d6301e71cdc0c1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: phw8DXQgjOyH5g4gvbqgZk-2sHr2n9cHVr4lqqPXfXtyhG32gs2pIg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 43887
etag: "453067f6ab356aa87a3ad3b56e33545376597852"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:35:09 GMT
age: 41343
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 43881
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 42926
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/sweetalert-dev.js
204.44.92.96200 OK 32 kB URL HTTP/2 www.uspsqpp.top/us/files/sweetalert-dev.js
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (22643), with CRLF line terminators
Hash 8e7e9970ac6307ac9aa2d79e4ba1cdd8
fc9db081641d61329351fc865a5fabd75bc2d15b
842b5089be989ffed89bfaf08411e1ba8adc14cb6d91dacc9f14a6a53dec1010
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /us/files/sweetalert-dev.js HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "1e0c1-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 32351
content-type: application/javascript
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/jquery.js
204.44.92.96200 OK 30 kB URL HTTP/2 www.uspsqpp.top/us/files/jquery.js
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (65536), with no line terminators
Hash 863a1ad55c010457822334c94889c6db
393769fda37eb9f5394bcbc50180cf11f1c6537f
5ea43fe3744481e74f9b5bb243bbc718c66cd15264590473016be8c73035deae
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /us/files/jquery.js HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "15339-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30248
content-type: application/javascript
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/us/files/jquery-3.2.1.js
204.44.92.96200 OK 30 kB URL HTTP/2 www.uspsqpp.top/us/files/jquery-3.2.1.js
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (32058)
Hash 3430607b4301113ad9394c9260eef3f0
8c4db68b161b17e31be300e968a30ab0116b3193
31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c
Analyzer Verdict Alert urlquery Phishing - US Postal Service
fortinet Phishing
quad9 Sinkholed
GET /us/files/jquery-3.2.1.js HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 09:19:08 GMT
etag: "15283-5e9408db23b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30138
content-type: application/javascript
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/global-elements/header/images/utility-header/mailman.svg
204.44.92.96404 Not Found 262 B URL HTTP/2 www.uspsqpp.top/global-elements/header/images/utility-header/mailman.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fd2c4e088b89b4538025f04b735b03fc
7446c0a824ea666e7a13f9aa05803badcd2c182b
0b1d1fa8d57f7c0aa4553de01a428c63612f78b60d5d15c43662b8e15bcab54c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/files/megamenu-v2.css
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 262
content-type: text/html; charset=iso-8859-1
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/global-elements/header/images/package-intercept.svg
204.44.92.96404 Not Found 262 B URL HTTP/2 www.uspsqpp.top/global-elements/header/images/package-intercept.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fd2c4e088b89b4538025f04b735b03fc
7446c0a824ea666e7a13f9aa05803badcd2c182b
0b1d1fa8d57f7c0aa4553de01a428c63612f78b60d5d15c43662b8e15bcab54c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /global-elements/header/images/package-intercept.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/files/megamenu-v2.css
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 262
content-type: text/html; charset=iso-8859-1
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/global-elements/header/images/schedule-redelivery.svg
204.44.92.96404 Not Found 262 B URL HTTP/2 www.uspsqpp.top/global-elements/header/images/schedule-redelivery.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fd2c4e088b89b4538025f04b735b03fc
7446c0a824ea666e7a13f9aa05803badcd2c182b
0b1d1fa8d57f7c0aa4553de01a428c63612f78b60d5d15c43662b8e15bcab54c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /global-elements/header/images/schedule-redelivery.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/files/megamenu-v2.css
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 262
content-type: text/html; charset=iso-8859-1
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/global-elements/header/images/icon-personalize-stamped-envelopes.svg
204.44.92.96404 Not Found 262 B URL HTTP/2 www.uspsqpp.top/global-elements/header/images/icon-personalize-stamped-envelopes.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fd2c4e088b89b4538025f04b735b03fc
7446c0a824ea666e7a13f9aa05803badcd2c182b
0b1d1fa8d57f7c0aa4553de01a428c63612f78b60d5d15c43662b8e15bcab54c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /global-elements/header/images/icon-personalize-stamped-envelopes.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/files/megamenu-v2.css
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 262
content-type: text/html; charset=iso-8859-1
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/holdmail.svg
192.229.221.165200 OK 768 B URL HTTP/2 www.usps.com/assets/images/home/holdmail.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 2f40bbb9da0d97f2ba3f3efcfd7533af
34c76f88cdda4be234b58a76e466bc7a972f14ea
f1d176e77951f74582e7e311d99f98f7ce582bdb30051987f257eb3393ee2069
GET /assets/images/home/holdmail.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 32093
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "5a8-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7EFC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 768
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/tracking.svg
192.229.221.165200 OK 844 B URL HTTP/2 www.usps.com/assets/images/home/tracking.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 04034bbe69ef912819cee070ff866703
2c96d71004568c2b460a7f8b796ae45ad89999ec
959755a6f38fb278acd6abb223db552ecf757c291f437149663009aafb83a181
GET /assets/images/home/tracking.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 48308
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "619-5494e7f71e280+gzip"
last-modified: Fri, 24 Feb 2017 22:46:18 GMT
server: ECAcc (dcb/7E95)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 844
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/po_box.svg
192.229.221.165200 OK 848 B URL HTTP/2 www.usps.com/assets/images/home/po_box.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a1feed192f3aca7fd02c00b6ee45bb07
fce52b953f90a873186cd2c3ddb26dcca41884be
88dcd2a8a6b055bf63763c0a86338f33b09a257c89e26a5ae6a364becf1ac122
GET /assets/images/home/po_box.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 32040
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "667-5494e7f259740+gzip"
last-modified: Fri, 24 Feb 2017 22:46:13 GMT
server: ECAcc (dcb/7FD5)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 848
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/schedule_pickup.svg
192.229.221.165200 OK 923 B URL HTTP/2 www.usps.com/assets/images/home/schedule_pickup.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9f9e044f92360c82183e3a31b774e7b2
273798ee8d4dead89367b835cdb7f65f51e81b47
e4b7ae480aae11558a890826cde2cc6fa10039a787052dfc72cdad3e7a772373
GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 31996
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "6ef-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/732F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 923
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/stamps.svg
192.229.221.165200 OK 551 B URL HTTP/2 www.usps.com/assets/images/home/stamps.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 780aa534eb1541ac0834489beafdeea2
2593cddb6c1b7505016d3c1138e16ff556e42166
c2a1858fe0517c4c928dad150f22710f1771c1b43b92b79ceb0b20e44db61ee8
GET /assets/images/home/stamps.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 5825
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "44f-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7EC4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 551
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/utility_languages.png
192.229.221.165200 OK 1.5 kB URL HTTP/2 www.usps.com/assets/images/home/utility_languages.png
IP 192.229.221.165:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 410956805d5701e87299cff412827e1a
5de9a390649dfc12e3d6df431140d499ad8abd67
6e727dbf5b0f4a3ec76762e445ad2c5cb750f7de41afb8b0342f903124d09826
GET /assets/images/home/utility_languages.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 31866
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "5b0-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7E8E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1456
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/find_zip.svg
192.229.221.165200 OK 793 B URL HTTP/2 www.usps.com/assets/images/home/find_zip.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4b74917936300819402d564909e39a34
82c09f9b1fa78724d4843b28f12c52e8bb218f2a
d7178ea719cbe6f11c5da374dc26908b1ad0d05d34a33cd6e6d701f5e05c209b
GET /assets/images/home/find_zip.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 31431
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "5bf-5494e7ed94c00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:08 GMT
server: ECAcc (dcb/7ECC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 793
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/search.svg
192.229.221.165200 OK 795 B URL HTTP/2 www.usps.com/assets/images/home/search.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ccfe748c6040d78e356b03d1a731585e
3e15bb471b3c3d0a5cebc3ccd137b5daf9273b7e
9a1b75fecaa2e0de127c36ddbb63c1bc2c44b3f81eed395734dee1ce837162fe
GET /assets/images/home/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 31432
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "5b9-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7F4B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/collectors.svg
192.229.221.165200 OK 561 B URL HTTP/2 www.usps.com/test/nav/images/collectors.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8439e88bd2e43656b157f9c184635032
ddcb40776177a5eac36973e53f2f8bab73e65ea3
5ea3f924c3453a9b8a3f79251377f385f83c8cf9618129427795adf186b9338e
GET /test/nav/images/collectors.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 32010
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "461-560f10f803ac0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:27 GMT
server: ECAcc (dcb/7FEB)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 561
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/change_address.svg
192.229.221.165200 OK 935 B URL HTTP/2 www.usps.com/assets/images/home/change_address.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6c6d11d6d4ad880538ac8b3c9b244e35
d2f5a684574f89a8bdac4ac35508dc29c61e9771
7d2bde4b550c48e86e4d1c6a106d195b5a259f74e2ceeab0772712d356ae7eb9
GET /assets/images/home/change_address.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 32091
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "74d-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/733A)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 935
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/gifts.svg
192.229.221.165200 OK 590 B URL HTTP/2 www.usps.com/test/nav/images/gifts.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e97f9908f9eef2a76ea4f48e00196980
f32d5a4b791567c690ea7095d93bec78e422db40
ad60c73a39b0fcd4b311654aab6f3954edb03f37034ad5567cf9f69d63d905f4
GET /test/nav/images/gifts.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 31700
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "3ee-560f10e9b5900+gzip"
last-modified: Fri, 22 Dec 2017 17:22:12 GMT
server: ECAcc (dcb/7378)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 590
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/location.svg
192.229.221.165200 OK 1.2 kB URL HTTP/2 www.usps.com/assets/images/home/location.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9d8433f178d5a7b839a8bf25552c62b0
c21cec68e524862992f4aa51bf6955b953a65112
d01cb5a23f9b7f4a0a3db27cfd3d90e3813e75ed498fdbabe4df3a859390bd4f
GET /assets/images/home/location.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 31619
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "a1a-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7F25)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1209
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/utility_customer_service.png
192.229.221.165200 OK 1.3 kB URL HTTP/2 www.usps.com/assets/images/home/utility_customer_service.png
IP 192.229.221.165:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 3500d365cd94527c71fe9c70d5cda435
0c7bede628d74cefaf5fce1b675c0ce3c72c78c9
34b28a24c5414dab68a15be6613536d905faf33fbf1aed8ee4702caa60be9bca
GET /assets/images/home/utility_customer_service.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 31534
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "51b-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7EB6)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1307
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/shipping-supplies.svg
192.229.221.165200 OK 1.3 kB URL HTTP/2 www.usps.com/test/nav/images/shipping-supplies.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7a8b39b328ba3e776e643f66844896e8
7a400d0f33c592651da919c728a30e46207a9449
05140d52bba76b4464360b852c3b78227cc2865c4512bf0010ee666f0c985f99
GET /test/nav/images/shipping-supplies.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 31623
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "9f8-560f10eaa9b40+gzip"
last-modified: Fri, 22 Dec 2017 17:22:13 GMT
server: ECAcc (dcb/731F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1282
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/cards-and-envelopes.svg
192.229.221.165200 OK 1.1 kB URL HTTP/2 www.usps.com/test/nav/images/cards-and-envelopes.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5d63c3636efb2bbcb327ed13b714367b
c7e326811c101213173c2a585d1e9700731816ed
c63dd4b3239df8b0709202228ad62b9e06ec96c346d8f86f9e33a554973b795f
GET /test/nav/images/cards-and-envelopes.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 80303
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "8a9-560f10e8c16c0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:11 GMT
server: ECAcc (dcb/7F6F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1056
X-Firefox-Spdy: h2
tools.usps.com/global-elements/header/images/utility-header/mailman.svg
192.229.221.165200 OK 904 B URL HTTP/2 tools.usps.com/global-elements/header/images/utility-header/mailman.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4bb1afb6143cb1307585f007399e0e4
7d28cd35cbdb8427d4a12274c3f455e57f4742e0
06410c31087cff92e7842a2e6aaef3b5b114192f77e2b652283250fdca6d5e30
GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
age: 52792
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "723-55885af730a40+gzip"
last-modified: Wed, 06 Sep 2017 13:54:41 GMT
server: ECAcc (dcb/7311)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 904
X-Firefox-Spdy: h2
www.usps.com/global-elements/header/images/utility-header/search.svg
192.229.221.165200 OK 795 B URL HTTP/2 www.usps.com/global-elements/header/images/utility-header/search.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 78562ea313af96eca6581054fdbbc76c
b0f3fd320af131b3787b39c864ecac52de12a75e
7932a41ccc861366f60896fe808612a1361c85d654aef21c5d54f7673141c0a9
GET /global-elements/header/images/utility-header/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 31420
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "5b9-549b126599f40+gzip"
last-modified: Wed, 01 Mar 2017 20:28:05 GMT
server: ECAcc (dcb/7ECE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/business.svg
192.229.221.165200 OK 689 B URL HTTP/2 www.usps.com/test/nav/images/business.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3b81ef43fc5b08bab4155c5fed116dc9
a5a804fb2f8f51b3e588d4edb01752eba0380f8d
a513b0f2fb200e9cf7b30ccfbde98f79e87a027c256d99f3159ad22dcb5cc4cb
GET /test/nav/images/business.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 32037
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "4d2-560f10e7cd480+gzip"
last-modified: Fri, 22 Dec 2017 17:22:10 GMT
server: ECAcc (dcb/7FBE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 689
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/calculate_price.svg
192.229.221.165200 OK 772 B URL HTTP/2 www.usps.com/assets/images/home/calculate_price.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 42af7d5484bf8f80ac930313caa5941f
c3dbaf338d7fa81845487333c0cba5b8341bd140
f8f9b52e8d7b815deba988cfcdc6596e9e7b6671075907290c8e96679b18fb2c
GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 32061
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/7304)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/featured_clicknship.svg
192.229.221.165200 OK 493 B URL HTTP/2 www.usps.com/assets/images/home/featured_clicknship.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Hash efb53558ef3932a80523af92bdda2085
1a97f57d64bc76f296423e1ddbdba9bc71b6d754
f0a25ce9d4e04e6b12bfc528584d599d5e472238849b0e1c66ff5357058d38fe
GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 32143
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:04:12 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dcb/7F6B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2
www.uspsqpp.top/us/images/nav-red-chevron.svg
204.44.92.96404 Not Found 262 B URL HTTP/2 www.uspsqpp.top/us/images/nav-red-chevron.svg
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fd2c4e088b89b4538025f04b735b03fc
7446c0a824ea666e7a13f9aa05803badcd2c182b
0b1d1fa8d57f7c0aa4553de01a428c63612f78b60d5d15c43662b8e15bcab54c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /us/images/nav-red-chevron.svg HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/files/main.css
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 262
content-type: text/html; charset=iso-8859-1
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/query/files/footer-logo.png
204.44.92.96404 Not Found 262 B URL HTTP/2 www.uspsqpp.top/query/files/footer-logo.png
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fd2c4e088b89b4538025f04b735b03fc
7446c0a824ea666e7a13f9aa05803badcd2c182b
0b1d1fa8d57f7c0aa4553de01a428c63612f78b60d5d15c43662b8e15bcab54c
Analyzer Verdict Alert quad9 Sinkholed
GET /query/files/footer-logo.png HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/files/footer-sb.css
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 262
content-type: text/html; charset=iso-8859-1
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.uspsqpp.top/favicon.ico
204.44.92.96404 Not Found 262 B URL HTTP/2 www.uspsqpp.top/favicon.ico
IP 204.44.92.96:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fd2c4e088b89b4538025f04b735b03fc
7446c0a824ea666e7a13f9aa05803badcd2c182b
0b1d1fa8d57f7c0aa4553de01a428c63612f78b60d5d15c43662b8e15bcab54c
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.uspsqpp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.uspsqpp.top/us/post.php
Cookie: PHPSESSID=rro7k3snq8o8oq0t09hjcp7l1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 262
content-type: text/html; charset=iso-8859-1
date: Wed, 30 Nov 2022 10:04:12 GMT
server: Apache
X-Firefox-Spdy: h2