r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3223
Expires: Thu, 30 Mar 2023 16:23:53 GMT
Date: Thu, 30 Mar 2023 15:30:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11431
Expires: Thu, 30 Mar 2023 18:40:41 GMT
Date: Thu, 30 Mar 2023 15:30:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 30 Mar 2023 15:16:05 GMT
content-type: application/json
age: 845
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10188
Expires: Thu, 30 Mar 2023 18:19:58 GMT
Date: Thu, 30 Mar 2023 15:30:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IovcNz7v0o8Z3nKObPaPTteG2iZM0JadfRFm/wirWT0ILXCsgwYfJuvv92FSgtcvK8z0bx6QF8I=
x-amz-request-id: 880SWWF3TESW2RM3
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 30 Mar 2023 14:33:42 GMT
age: 3388
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
188.114.96.1 200 OK 11 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (969), with CRLF line terminators
Hash edd82dc34e23464aff83bf16310ad562
7a62b1edeaf7808f98bc23b056ebe0cb4009b8ac
d124e0833e5f5834309bd10c2849371f12fa8da322e5ec5ff03279da2b508a55
Analyzer Verdict Alert openphish United States Postal Service
fortinet Phishing
GET /usps/verification.html HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 15:30:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 04:29:01 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qqm5JABYv4pQCgiqeigKgmFqFzXXcW3iBM2IGt1ubeAvpSpqWF%2Bqt8tmM8zZ2AuSLemoTptcdwzMjn%2F0LmshzEDRJ%2FJTJKUnGmPLcNsfLKcCeAFb2jGtQKDweD7uHMIy0HBbUh5LhBSLwZw5Gwq8ik4lYFNaiJ18"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b01646f9dadfab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 15:30:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
tools.usps.com/global-elements/footer/images/social-facebook_1.png
192.229.221.165 200 OK 1.9 kB URL HTTP/2 tools.usps.com/global-elements/footer/images/social-facebook_1.png
IP 192.229.221.165:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d1fed200f7befa569074a293cf2abed
11bacbc9debe99986d9a6e974e9a819aaa74be29
9d0ef8aa34abec770b6a9fb4358842a29413d08c0d1e4b74f5c4c31ab477c14c
GET /global-elements/footer/images/social-facebook_1.png HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 61855
content-type: image/png
date: Thu, 30 Mar 2023 15:30:11 GMT
etag: "751-549b12f4a70c0"
last-modified: Wed, 01 Mar 2017 20:30:35 GMT
nncoection: close
server: ECAcc (dcb/7374)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 1873
X-Firefox-Spdy: h2
tools.usps.com/global-elements/footer/images/social-twitter_2.png
192.229.221.165 200 OK 1.8 kB URL HTTP/2 tools.usps.com/global-elements/footer/images/social-twitter_2.png
IP 192.229.221.165:0
File type PNG image data, 50 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f6b06552f2054fecb5a3ab3956d7a79
c1257b76200738ad53147be110920f84efd479b3
248385895aacd78d7a7b045cd5109103c2f849bbaef9cff5980d59823a620c91
GET /global-elements/footer/images/social-twitter_2.png HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 61855
content-type: image/png
date: Thu, 30 Mar 2023 15:30:11 GMT
etag: "732-549b12f59b300"
last-modified: Wed, 01 Mar 2017 20:30:36 GMT
nncoection: close
server: ECAcc (dcb/7E88)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 1842
X-Firefox-Spdy: h2
tools.usps.com/global-elements/footer/images/social-youtube_3.png
192.229.221.165 200 OK 2.5 kB URL HTTP/2 tools.usps.com/global-elements/footer/images/social-youtube_3.png
IP 192.229.221.165:0
File type PNG image data, 50 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash e38ff6af4b8ff088fcb2dc92410b759b
529c88413dbc330fa05a0629b2084ca7931f453e
c2b609bbc0ed5b17740df6ab378bfcbe068e3b08d85e85b2d9dfbe6dd3c6be95
GET /global-elements/footer/images/social-youtube_3.png HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 58610
content-type: image/png
date: Thu, 30 Mar 2023 15:30:11 GMT
etag: "99d-549b12f59b300"
last-modified: Wed, 01 Mar 2017 20:30:36 GMT
server: ECAcc (dcb/7F32)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 2461
X-Firefox-Spdy: h2
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/jquery-3.2.1.js
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/jquery-3.2.1.js
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/jquery-3.2.1.js HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e6Ijk9UfwVgjR%2FD3SxTNUZf2wnljnCFZgm9ctCB2tr5PU7w1HKxIuSO44fjRO6RJZE4OpFpGmDztnfI40%2BDgDLbLkl8d6Hs1xokg8sVKhzXfxRbrI%2B%2BidJLQGUh3Gvf%2B2okHF9CU64D9m6t705D%2FQFlvscUYXhM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b01647289aeb4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
tools.usps.com/global-elements/footer/images/social-pinterest_6.png
192.229.221.165 200 OK 2.3 kB URL HTTP/2 tools.usps.com/global-elements/footer/images/social-pinterest_6.png
IP 192.229.221.165:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 010bf7d7901ccaa3905cfe4b7c1cb50d
9c174f76a3ed50a173637d44793d6bc15a818112
67d664b844fdba0588665c6f1986b25fcb6d99e5122a455c36da8622f1eaab62
GET /global-elements/footer/images/social-pinterest_6.png HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 61855
content-type: image/png
date: Thu, 30 Mar 2023 15:30:11 GMT
etag: "915-549b12f59b300"
last-modified: Wed, 01 Mar 2017 20:30:36 GMT
nncoection: close
server: ECAcc (dcb/7F0A)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 2325
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae064c74a3769d42109473ad05d56fb9
d48029ab8568cee6ab7416d3b476ed792d780a56
9852216f395a42f7b4792e852f9f9fa83e07d917a979237d5d7406a1d74edc4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9852216F395A42F7B4792E852F9F9FA83E07D917A979237D5D7406A1D74EDC4F"
Last-Modified: Wed, 29 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11189
Expires: Thu, 30 Mar 2023 18:36:40 GMT
Date: Thu, 30 Mar 2023 15:30:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 30 Mar 2023 15:17:26 GMT
age: 765
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/bootstrap.min.css
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/bootstrap.min.css
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /usps/static/usps/bootstrap.min.css HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZI1y9dtGHPNd3bbj%2FQ4m3acTvw8RjZ60VX55uQX3nnYQ4DcC13Uba8xNLZf%2BPwMnkOhE6794eTu%2FabufQoq2DCrQiL2keEiQQbxpdLxMYCdMqkeJ24z%2B%2BbLuCIy4swbImci1L9ueGUElnkoC753m9dWmMPritaI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0164726841fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/main.css
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/main.css
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /usps/static/usps/main.css HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDA4vgG5M4NRtxMEArPXWDpAd%2Fcv5FNd3k5YK0UEvrWVhnJWjVJoPYxKyOyHFryciBywVxHnu3swK18t72ebaQk5LicAIhwHeLbuI3Ai%2BtCFv45hFggLebjDQp4TotmVSLlOlnHEPhhMME5Vzzd8Hvkkt5h%2FDrgW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b016472697c0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/megamenu-v2.css
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/megamenu-v2.css
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /usps/static/usps/megamenu-v2.css HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2uecvu4SX%2FMKa3j8BrDr6fPl2X8%2BcMWasiTok3EaEXwBxogo0h3CBZOFnGpP7Nq1VJx0DHPnq%2F91zznk2%2FklYpHKgcVUU6XfYQ4r1pztZUJe9io7ae%2Fcm0BW2LSnhXwUSZAMSnhPObFdEuMrypjLQ9pU38vu%2BaL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0164727d84b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/main-sb.css
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/main-sb.css
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /usps/static/usps/main-sb.css HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhWPTi4%2FZ4%2F63Y6IUa%2B8o5dydpv%2Bee2WciItZvxipUYiRARV9J7LVqDxkgW%2FnVpDu7BT37rCcUPawna0S2cOO8T%2FgxDvlVd%2BDwgKQP7DsQqgm0d%2BlrS5Qry5CGTMjpAeN3hT0N5LDmkYBm6qSUgnR1pvh8XvLRI4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0164729e5c0b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/layer/layer.js
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/layer/layer.js
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/layer/layer.js HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGoYhI%2FOTb7XuZ3OCq0A60igFs%2FeZERvuAxem%2Bmhk1CJ343zs7pJYRsAZD0Y9Tb8LnGIGvDkb7i74z3vwDW19SaJmS68XkSWBDRu4yiHp2Wvl%2BxPYzzTKRgU4weYa6jaDhNQS%2B6jjk14BsI%2FIkwGNvdDqe4%2FlznY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0164729fefb517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/jquery-3.2.1.js
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/jquery-3.2.1.js
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/jquery-3.2.1.js HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mNTaLDB%2FAs%2FsnnikoBa55hevMyqlLsOdbA9zYV%2FZTJWL%2B%2FOhxT6Tb9RXQfSoB9NCJSt6mA4IjW9FpMB%2Fk1a6ATVqiMZFrvx4EYt23nRp1IXXS%2FzVcQ%2F9IEGLHMDmasAqxgKeH156XByreLF1jqQddHtrO73QPbq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0164749c340b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/layer/layer.js
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/layer/layer.js
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/layer/layer.js HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpvg1Q3lqyisw5Cs6juVT09jI2wInJkMZkQWrLdFUtuzNPHc1qa%2BjrngHVV6d7pTK1B%2F748vrEq4APw3l0WJvVs7lEso7L39B55EHQIKVf6A6pFgf0Ks9PugA7TTxIVOhD2WBNYKS4wASmXtl8H3V6Rf2BpMB6ZC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b016474b96eb4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
34.117.65.55 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dYh1giPqckXrbfrqOB7naw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +il5HrYdH0BU/YZnNvO7amI3f2g=
Date: Thu, 30 Mar 2023 15:30:11 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/main-sb.css
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/main-sb.css
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /usps/static/usps/main-sb.css HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTMk1KT2PbzBRRVJ2PP7TN1BdGPpf6DLqpePmRCP42mjlxTTYGee5yW%2BUMhOfjfr%2FtGpBDD4IFiGZSm7z5Mq4b%2B1FU1Z2W2HZZGIGadPdVzAKimZkBR%2FcTMu2iZVP8fZJYzk5j5dCjBV0sP%2FhWAREC9pn4JYHuWu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b016474f9180b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/footer-sb.css
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/footer-sb.css
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /usps/static/usps/footer-sb.css HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iEHJC1POGMjY%2BMtPFxy2wnY18m%2FWidYaltrCus3jsBLFPgsE4EaE6o%2BG5byp2pE8eJssXb1N7Wy7UpRYmK%2FEk9t5xeU%2BhuPoR%2B1qpXocdzYX3MQ1aQXkmixY6%2FI43HuZ2yDWvJf%2FV8cj%2FWYrzC4LnayoErEVQE9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0164738b38b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/go-now.png
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/go-now.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /usps/static/usps/go-now.png HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3b4t24%2FNcoVxkxoYHUiqKrfTcsxKCYPpM4pJUkRR59DcNe1SlLvTlHpg1RjvxiX%2FitFmOne5LUGO5qbTDMCixuOHrZrFsKN9r1n8IXk3PPsrHvriXX9du8bV5S1kgdObM2wXLniHJrahxtCZ5zUlPsBRbFg2NfH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0164753c46b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/go-now(4).png
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/go-now(4).png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /usps/static/usps/go-now(4).png HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIPX%2FUsXFDNbnKWoouKj5gTrI9O30HfF68CGzcOO1jcHPmz3Kq6d2V5haOxZ3UoGFLdj48%2FyQXm5w9%2FgQKf1fvEtAG88YPPOCnO8%2BIm1aiXUBu8FCk%2BZ52OuEz4ReQgUSoxPr%2Bfq9Bh8wAmoLpdZswq8aoRNLD80"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0164753b15fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/search.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/search.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash f0652aa164b5d7731b78caec4ed7cd42
1842fef5f84cb98d1cc3cf52a615302555e3224f
44e8ce028375d2798df1b9000bf4f02e52485e25c7cbe5e5b0121cfd49f59259
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/search.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKuDJAB1lYcZd7JUVD8mDymZO328uwvHi%2BDCbrQgm4mNfixR3IgWJUxGDAP9N41KYhziMKFPd9ER9QyJdLDYGRqG0NaK1HvVz0z7hW31SUlp5vq5dEI%2BrUzURt8f0fXM0LoloL4E3r1z1tjfy6hLvhJ4Pt0ufYaM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b016475396d0b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/hamburger.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/hamburger.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 2dcf83b4b1033ff09c561cb51daf5abc
d08f68950dbcaac0fd4477b7aef921d08cbc1865
8eb4cdd2e489adf3a0685537f979284bdebf5ace01c3df0adcea60f793aaccd7
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/hamburger.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQNZwldaO4Ep3IQRmc9RT964BbWjzjfqYvJOL%2FQiJKH9cUve%2BuxBYbyjvULANug%2BtHi3J%2FzjR9MVHmQKf91YF0bW7fysXwq%2FzbYwIzsSt%2Bc99smHVjNuOOKi22%2BoVJCbbk5exLlRhbmdXxEZkvqpUg285XjDcM5k"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b0164753cdd0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/logo_mobile.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/logo_mobile.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash f8be233d0b65aeed76a61f20bc064ac7
5d9068a8230b4c2bb43e4e22b6a91994ae1751cb
b5b2ed74d4eefeef91bb10709b57be91ca77cd8641bb776ad161779f0765de19
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/logo_mobile.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=linxdZgxv7PwQFVmOPSt2zP28WbBD29lXBw%2F5b8VeczVLGBd1QF09g1TmJPZ0r0mTYmOTAIC%2BdKBg44MTzRISw%2FJPZ9xA319npC8GHjxNv3XZaGIFa9U5O34Wh7P0LNIaYOcsQGky8a2euHTHHe5xXxcft8VIAdr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b0164753a3ab4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/logo-sb.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/logo-sb.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 13aa61b6e29322fe4d27e956d7bc8730
3f793dc8de8ac06f73c974b3fbb63c0711a10330
207897d1c8aa5ed0dffd61f25a65c45e87c6eb0dc834543f18fb6214e3491e91
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/logo-sb.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHkx%2Fg9HXKfuvNLQtL01fqaWh%2FYMcfY37N5%2FlaP%2FdOqsDQdzeRMv4mnbp0UO%2BxzHzYejnjeYAF8jUZOD2MlFP415WNaD9KFjrIMd2f99bJeqTUwqTl9t9b%2Fuomz%2FH%2FFJb95uf7ye401Rjl%2B8q8ME3CuXveBFp1Ed"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b0164770bf70b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/mailman.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/mailman.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 57327d694da21303f1c266602d5c0124
262a00de0e55879906d86b89e5464ba572c3d9a6
05a3fefdaa5e649e63b872a184e2f38b875a4453f1bd914d937195ace6c3d214
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/mailman.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li21fjG%2FfG57Beb0sY9fqRMYhSN%2FyYFTqLXqyPW91yX87TY5c4yGO556ronqHmND1ORmx7n0xXIyZcCk4qANzQESEn5DAWwenqvqwWrbC5unjo2Dzy9wP2SX9zSCr0CZ%2BZkxxMbW2VsvjB3Mdo3JQfLaDmXMUNRF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b0164753dd2b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/location.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/location.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 686420d080c82f2a96c4ae45d2cc2867
449dfec163a7754dbc07645323eee90437331c43
c8cc36123957164b0ac9e9d68ae1be6a896ca4884bf9075c1a47c954bd190427
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/location.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FBwsUB8STOdcoLe9iRZlAGccsoWvHlUHORnj%2FEyb9P3TqmS7dtfwz%2FmlGtVJP7WVFzuf1ogQrz5HUEgQ5B7dm5gJ7r%2Bnki%2FndVtlCGuxcSURpdrOy%2F%2BTzBH0Nb5%2BX1F4OPWBKsnzRhP%2BEQzhTfQ7PUF0flZ8EJX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b0164761da9b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/stamps.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/stamps.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash a78ab06b5d2b3bfcb5e2f95ddd235485
d82b6ccb48b94c2f8e428104f6dd38c2f9a11ab3
88ca2b9e8d49127ace13d6356c0c8f858f583a40f866dce7ebc79a346ae62625
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/stamps.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wSF3cZB3XkSxmDEZLJOJ0SZjxKgx7Beo9LNVGaniRdKb2D2ReB5pPMjCkpzs1L9a8m4LNSmsw2OBJu5uDkXj4dk4I6lJNGtHVJiioi9l4Y1pJOUjmscxjtQCP63rWzfZ15nu6qGuzJidJm1rF329go2KlpQJoUy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b0164761bdffab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/holdmail.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/holdmail.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 7b9b3db79b450c706723df35a7028479
187475d91dfb29875585aadc49fa5c9d07114cb1
957df797e2f46b44607fdbe8e30dc8c9d366f7c1d57745f69638938f53282370
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/holdmail.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIFpbR5H7OseH7n%2FARoEc250aI%2Fo0xSzQUwbVs%2Fvgqg%2FUGd2nuiU8fkPlx28K98kMZ8OA0jC4gNoR01QbTrdA5TztskD3HD1pdcntAOO9c5L3DS3o0ok1pKWPXTEEh%2FDKsMG0s9HC6oNgSZcMbskQwlaf%2BQ51JgI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b01647baaca0b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/calculate_price.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/calculate_price.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 944f20e12dc71e49b146387ce1f7e5d7
b4d75d024a5552060a0f3aa32d37a435322b1adc
4c1c36e86c33820cf9fd0b9aa29b51677c9d56cbb496cad52242fd5a8e984fe4
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/calculate_price.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az07RqFNYc9Vbe6yJC%2BEQe51QyMvQhN5yOm3R%2BluQjOVU8AL1iAO1PiOumAfM0LUnmRcppIwnCkpPkn72Bsf55PqwzdoEGucB5RPfbRZ9dYkZY%2F5jL27NWWdOFTOzWXKLu%2BNqxDp76bOIrUhKteAJVC%2BeimmbvWb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b01647aac370b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/find_zip.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/find_zip.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 1235eec3f19d23c2a982f1d0954461a8
7d67c076125ba5e0e1d1789a0917f025e7457647
9de8bcde8c93561dfc60ad51f8f7e362e1d8daa40f877b09834041f966d683fc
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/find_zip.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDQZZ1tfaIvtFoaRndfnwfyxuWTPifrNbNsBay9836LXZSXU0oY7%2BANfstOH3FtsOd7lcfKtRUEvcAib8lsMhg5jjykZxQTGCfgA3qp30YVmmRHzgIDExstkhSWxA6r3wDJ26Mm2fuu0UEcvgEFj7LPN1rQqxy2O"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b01647b2d59b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4955
Expires: Thu, 30 Mar 2023 16:52:47 GMT
Date: Thu, 30 Mar 2023 15:30:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4955
Expires: Thu, 30 Mar 2023 16:52:47 GMT
Date: Thu, 30 Mar 2023 15:30:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4955
Expires: Thu, 30 Mar 2023 16:52:47 GMT
Date: Thu, 30 Mar 2023 15:30:12 GMT
Connection: keep-alive
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/tracking.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/tracking.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 575df37a7114fa5fc3371ffe223428aa
9d6e493d2f0c4441d227e564cf251b565b5b5b9a
63a9ce3116ad95bc4f4baa6421eaf9cbee57039e58f3294431033e9662732aeb
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/tracking.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1a8TW9nCHRdeyyzCNealwS4KrmLFCV6AhxXH7xTKnP%2BDY6g%2FqcvPnIjm%2FqOiGPnPclwRSCecxDy8N6I%2BT5OJfgX%2FGF1TxXsh2s9%2BQ4P2vc8AwpX2NbswYikxCppuvh20bdCy%2BwBU0AUCRkXt70Jc%2BA8gqwbBuZqd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b01647c7924b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db24198518d1a093c5c03e92e53925a2
288898a60e0a029946e7d770d2b0c64b6f3bf51d
4a15da439fa1a3ccdd3d329f250bacaab581287183293c4e367b05c2a83eb66d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12233
x-amzn-requestid: 781fd422-c720-49d7-bc90-6f8b18751caf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAynHgNoAMFvCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae76-5327bf334c985816289507b9;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nwdrJGU7u4C_ZtSQkSASfZ2qj8a31rIr87g_K8YvrrsoVN5yeN8CRQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:52:11 GMT
age: 63481
etag: "288898a60e0a029946e7d770d2b0c64b6f3bf51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 11:37:45 GMT
age: 13947
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d109c71a6d804ac43ede46ac74f2065
251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4
de2d781c75abb41ea14c0f4c072df0977562d824d81b5f4ca28c4f635067a17b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11118
x-amzn-requestid: 71508920-b2d8-446d-a498-8bf8708af974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA4qHrpoAMF-0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae9d-5191b68a4c7f1ee042a05583;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3JIDZJcepJFwPc0anfKz5OO8LZY3cFMI4oljiaft8jBgltzp2iYJiA==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:55:34 GMT
age: 63278
etag: "251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28245e40-16bd-42a4-8bce-13d3a5e205a7.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28245e40-16bd-42a4-8bce-13d3a5e205a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93a665dd6e5dd69c8772d29764834cb3
c5a65e7d2b648ab55c758ff43ae62ed03ea1cef6
c160269453f66b71981c065b0de8c3b88935dc9f678ef47d2d7ad2afb1dc5df7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28245e40-16bd-42a4-8bce-13d3a5e205a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5664
x-amzn-requestid: de6df023-a8ee-4f43-843e-567fe1492c17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CewdBHOGoAMF1og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64229453-061fdcb64703d00d020ac124;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 07:16:35 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: OWqlGOjNv8aoBCGqalyFJpWXhu9XA47zlE5RmNpEaeGerz8ilKNMTA==
via: 1.1 17d76c2aee343249585a570f2d36d2ee.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 07:52:39 GMT
age: 27453
etag: "c5a65e7d2b648ab55c758ff43ae62ed03ea1cef6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:48:07 GMT
age: 63725
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2021c271f9290204bd14cd2a3a1680fc
39b68cbcaba381d63dc67bc289fb67c849adb9ff
a84c5dd1e52d7cd535e04cb455891a1442000eb0e4381031c976b4cf3be96f2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4549
x-amzn-requestid: 70e07309-5fc5-4307-b455-29a187eae0d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoBHFFoAMFx5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afcc-298f18fd0cf0b37465a74c13;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 0bqn9l0Lqaavg48Uv9xRI7-zbdu1OfBuxITVjbhnIhmT79W_dzC72g==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:41:40 GMT
age: 64112
etag: "39b68cbcaba381d63dc67bc289fb67c849adb9ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/free_boxes.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/free_boxes.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 91b4bbf04bdc51c4f47056d6477f0e33
61ed94a25f1a06f3c16f06859eb411baf32929fd
2d87fe9ee2de8d371eae70709d9394c261e6ad6a318ef4016acb8da92f08d255
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/free_boxes.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cI9P7gN%2BvAoOJtSjykCal1mDPGUtI6X0tnMCtojApoZxKZotaqv29%2B4vzp7ZwoXhM2H59uE1sCGu4CDxuMLTsIM8iCrkRCHSFE5xmwf63Z93EOFVXCk66%2F4IanY1N9LMepVEQJKr2uC1cW94AJ6cXj%2BXMgVO5Stz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b01647c9b64fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/po_box.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/po_box.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash e2737d666c577c2b6d80efe2b1d04799
42b27e314406e3e18f37efffc76357702ec9c5d2
6e42458d2487c15ee35b0db75f196cfcc2c885c926dcde5b634afeb8c9d3a98a
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/po_box.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoTw%2BO%2BFgTgpEtVcPr70WxeHYgd52jHIA3sByWQZ9j1B%2FCNSf8tpqv0icFyzXS%2F3zh0mfDsTItPXA8X1EhWuYnuU5UUYuOxLV1qhQ80uH%2BtED2yrvcKxlGta3DpuJHcg442x7iyrTQqzZzt9IXck%2FntxGW4dK2zO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b01647c9a53b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/featured_clicknship.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/featured_clicknship.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 3a38af274fa3a22b5d8838aac381cb7a
e11a58a06e6a56b99effa9434b702d46754999fd
be46777fd84928c2470663d7a55f97821ed9d11b3d90442ad592530b0a2f6120
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/featured_clicknship.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:13 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnrxAPiQCjSjGD7ySV%2FAJenwkduVm5S8lJ653KYnlSgWRXEI3H85RqrVvdqBY4UkxQX3bB%2FNRpdqx1uwyC2qOHR10VGc7Zx40tGQXvooROzrfF3LVDKw50IRd3PVn2BcRTosuvNejfShEwGTou%2FAJJH5egpWmSX2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b01647d4cb90b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/go-now(1).png
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/go-now(1).png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /usps/static/usps/go-now(1).png HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apVlAM8n0nPl2ysbKWkNd9I1ZhH8hkOTzXgREgxileg0wVXj6%2FMp9AXvsgfbILSImNLGGIaD7lnfxv2qafj84Olneopg5gAfN10qZAbHtLSH7bDsh660mhsNOsE9xoe0vCZM22QXkK2Upoejk4IunCY3DLJh51Ye"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b01647daa5fb4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/schedule_pickup.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/schedule_pickup.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 37cfcf07712c20b70f6865dff7977119
f805672ed439f6d4c77094b2013fd59c843ade52
12aa024a2a7a977145c69cf28919a442dbd56e320b52d2f2f9807e9ebf207fdc
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/schedule_pickup.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:13 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TXoA3hhLcBRbgTP%2BOX%2FUb3rcSfJVdtklPbuxHLWw4lCBPrIrE80aVMSnNwXEwXzb6bsVdepiOn%2FqSOBrPI0VBrTjkzfbpoxi5lkS257fiQtb94OM3y0L8Pubb%2Bequy5Apxg2tbkGv64SutWp8k72AgUITlu1wyN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b01647d4f8c0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/go-now(2).png
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/go-now(2).png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /usps/static/usps/go-now(2).png HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQaTrho4M2oUcvSW2u6hvDwQ16Mb8jNLhUhUpIcVuSn4O6oYETlPNUSuXH%2FMUE7qDR59JwvoWvc77Ypoz9YRapx%2BJo0KM7pUEhwBMUMRCTj8K1hlt3KIVekhZPN4SNaKg%2BMm36iwAGTFryluMOSSSoSLUipFQLqz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b01647e3cb9b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/go-now(3).png
188.114.96.1 404 Not Found 109 B URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/go-now(3).png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /usps/static/usps/go-now(3).png HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oIbysDsX3WUI3CK5evsHLpNyTmF2oiLe0bh306SmOBo6Ld%2BLLdy1Kx3Kqaa6YaT1KMLBqbjuzUstpIffelM4109Qtc5ZaukAxlKzMfuePU%2Bbk6Pn3AHF6778mGQ5HDKeYziMmPVckGPz5dgIzLAnCjZq%2Fs7zNEM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b01647e5d75fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/change_address.svg
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/change_address.svg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 2736155c11fd684fc3cf5c0167abf37a
d6e8efe5ed6f0c74061ff9e92d22b89a92fa1541
c0025b5d1a344181ac742fb817a0d925d367211e18525f2a40f733e240c3949b
Analyzer Verdict Alert fortinet Phishing
GET /usps/static/usps/change_address.svg HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:13 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCOvg32yu6J9QhpMj839IHVY9l7sH4Ix48wcRL5oznb5gemcPygYVUXKP8mShy%2Bfh7BRfasTEUhijFugr7QdARitCYZcSkpYhfijRuTNXhZqvJS2fzZS3I%2B6NVjP%2FqeYiQLsou0Baqn6ZumdvoWE2jPK7EObhiTN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b01647ecdccb517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/favicon.ico
188.114.96.1 404 Not Found 5.0 kB URL HTTP/1.1 g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/static/usps/favicon.ico
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342)
Hash 327b66f76b09a6390272da5edd853d6e
ef718c17c68e47844864e8b2c551667525474664
46834adf83b2c9949d4d44f87a59ab1c5273e46e58eb3318ab49a5918cdba50a
GET /usps/static/usps/favicon.ico HTTP/1.1
Host: g29xin691opbtqt0lzzbhayzm.lspower.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://g29xin691opbtqt0lzzbhayzm.lspower.xyz/usps/verification.html
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 15:30:13 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNAXkycnhCXplH8MkqjbJY5tlt2bPz8sN32sFqJFUXAJpU%2Foyd3L5EQRPv7u%2B47jNd%2BweZncqh4z6BybA0USZ597oLY5WeG%2Bb23zJ1Qn1XNEG0de56qunyClLzZGPYYZbziJAZ8TPZW5Fl%2B6hbA8ERRk%2Fmu%2BX3cM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b016480a8900b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60