r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6379
Expires: Sat, 01 Oct 2022 10:33:57 GMT
Date: Sat, 01 Oct 2022 08:47:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4a22d2eb50abe339ba0b974642de3650
af15bc424a715a3b8d77e4948a9e152a3ba87ede
dff04734315b51fc11069e2d21b5be37b03d28ad01986e1ae2c96afc6ba31859
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14436
Expires: Sat, 01 Oct 2022 12:48:14 GMT
Date: Sat, 01 Oct 2022 08:47:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
18.165.201.80 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.80:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 08:02:27 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 955b5f6b59fedae13d00dcc66f7085f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 1FCpm08WsQxKWZM5hgWZyDsqWPsmdk73Ezf51YBXN-xtdZ1cfjawCQ==
Age: 2711
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0EQ9vbQ2w+DH2NhJt4uJC9OVGMId2NPZ9aqFWPcZrVMZrgZifkXo/5mVKohPR75JJHmBNHWH8zw=
x-amz-request-id: SVZV44TCSPAS6Q55
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 01 Oct 2022 07:51:49 GMT
age: 3349
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/pages/sms.php
162.210.102.177 200 OK 9.3 kB URL HTTP/2 rediregetps.com/USPS/torsion2/pages/sms.php
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1057)
Hash 2870853f8f0733cfa2c0f8d35864a891
9b097a40bf258b72a0c271303b749d85e56b781e
a3349c200d708201c8a6c86756db9390a59f71187391556eeaae98fb69503d86
Analyzer Verdict Alert openphish United States Postal Service
fortinet Phishing
GET /USPS/torsion2/pages/sms.php HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 9250
content-encoding: br
vary: Accept-Encoding
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 08:47:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/jquery.min.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/jquery.min.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/jquery.min.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/metrics-all.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/metrics-all.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/metrics-all.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/optimize.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/optimize.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/optimize.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/footer.css
162.210.102.177 200 OK 809 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/footer.css
IP 162.210.102.177:0
File type ASCII text, with very long lines (2933), with no line terminators
Hash d971a7637f56e0dc4cf0fdb80f808a3c
ca16f125643ea88e75c12ab6d5e5370b97c852d9
efb7ba97d98b9f86045b51abf1e031ec7d8abfe81469c249d1e5e424bc22949a
GET /USPS/torsion2/files/no1/footer.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 809
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/bootstrap.min.css
162.210.102.177 200 OK 18 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/bootstrap.min.css
IP 162.210.102.177:0
File type ASCII text, with very long lines (65371)
Hash 48ffddcd2a2d788c86f4fb0554e1767e
cd88db8a9506edf1b59094f059bce9de4eef0a20
8fcb085d3cddbc9cfeb246e2e5a90939bcbae0d4b7268ce93f6032beb153f6aa
GET /USPS/torsion2/files/no1/bootstrap.min.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18216
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/calendar.css
162.210.102.177 200 OK 2.4 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/calendar.css
IP 162.210.102.177:0
File type ASCII text, with very long lines (14589), with no line terminators
Hash 77298a269e193797cf3887b9d81dd281
14fb65a29ed6efee423a61399882040e1361e1a6
3822ab21b74ce81082b0a4eedef8d86f89c934be0f0de9ee5b7015e4a7a31be6
GET /USPS/torsion2/files/no1/calendar.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2409
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/datepicker3.css
162.210.102.177 200 OK 2.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/datepicker3.css
IP 162.210.102.177:0
File type ASCII text, with very long lines (20872)
Hash 434ef40882cf76e3a14f2479fd563e56
d58caaad57ab154075db63231077ab7f0f2e7ae3
30a70e51276444fe1bd03accc93755ff155683132c07b4ba8f10ac41f4c2ce1e
GET /USPS/torsion2/files/no1/datepicker3.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2201
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/main.css
162.210.102.177 200 OK 13 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/main.css
IP 162.210.102.177:0
File type ASCII text, with very long lines (49556)
Hash 3912db7c62c04aeac2c9a6159e919181
5fae4b8fbfc142feaee79ee1ed7d47f281ece54f
3ed1b08cb5d050674ab9871ebd15d3f1893028f5ce9cf731300d4c0276ce3312
GET /USPS/torsion2/files/no1/main.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13174
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/tracking-cross-sell.css
162.210.102.177 200 OK 900 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/tracking-cross-sell.css
IP 162.210.102.177:0
File type ASCII text, with very long lines (3075), with no line terminators
Hash a621018b4ec82dc0ecfe53a1be7c7127
98b1bd5d346965c091af17c1af55f6b096f8afaa
9fcf387e962cb09871c6c1db98ab55c873ea10f8c708287d1523e7f5e4b74e38
GET /USPS/torsion2/files/no1/tracking-cross-sell.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 900
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/jquery-ui.min.css
162.210.102.177 200 OK 7.3 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/jquery-ui.min.css
IP 162.210.102.177:0
File type ASCII text, with very long lines (29153)
Hash 4908ac11fd6492067e3ef9f486605c41
c30b4d7c00a471ae6c50b0ca9163eafd382e92ed
80e33b32ffcbf0dffdfa241a124ecd87476df1174e2771daab7122df68403db2
GET /USPS/torsion2/files/no1/jquery-ui.min.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7297
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/trackingCode.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/trackingCode.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/trackingCode.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/require-jquery.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/require-jquery.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/require-jquery.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/helpers.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/helpers.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/helpers.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/search-fe.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/search-fe.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/search-fe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/qt.css
162.210.102.177 200 OK 8.7 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/qt.css
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1599), with CRLF, LF line terminators
Hash bc1c6a51fad84d452feddb6957545c55
75e265c66b847019ea0c2b7d4ff3df51e26664f1
e68c1bbef33bc6de5383fa8ef543413ba28fe7ea1d2ddbd0b03263bbbd7fed86
GET /USPS/torsion2/files/no1/qt.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8718
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/jquery.min.js(1).t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/jquery.min.js(1).t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/jquery.min.js(1).t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/resize-manager.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/resize-manager.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/resize-manager.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/1.css
162.210.102.177 200 OK 0 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/1.css
IP 162.210.102.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /USPS/torsion2/files/no1/1.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:50 GMT
accept-ranges: bytes
content-length: 0
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/jquery-3.5.1.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/jquery-3.5.1.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/jquery-3.5.1.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/megamenu-v2.css
162.210.102.177 200 OK 6.6 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/megamenu-v2.css
IP 162.210.102.177:0
File type ASCII text, with very long lines (44725), with no line terminators
Hash cfce275cb2097acd32bce0cd4b431552
34d0a0fd9fbf6e93d378dd8a89546646fa77f206
ac3f33b6fb92249d57fd2f3f15babf191af2db6240c1cbc479bab97488795516
GET /USPS/torsion2/files/no1/megamenu-v2.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6611
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash fab8d37be9f23fb57d7766e89ea9844f
596ef7092de49047d967d3e7bc1216d3533b768a
19f5dba1058d94f0dae4581780d78b426413c3caadc3b9fe5edf67637bcfb111
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1525
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 08:47:38 GMT
Last-Modified: Sat, 01 Oct 2022 08:22:13 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
104.17.224.78 200 OK 0 B URL HTTP/2 fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
IP 104.17.224.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Cookie: __cf_bm=OzpBlfVfo.IwaNJtg69VofvNdK4IL0y8XTciYhTl3MI-1664614013-0-AYTSGKEbRy4g9dQIfo894d5V7xwSo1B5/AC1M8i+3XtDVRtDb/dj7jt9w+p0diVr11XceFwzGifxk+kvbwORCdk=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Oct 2022 08:47:38 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: T0ZH1hXNoB6jtguc1LneBuShAW+pnL1xXkATYgstf9s/Ek+CPWrz2AkHZOlSFb4Uzx1M4Yl24Z8=
x-amz-request-id: PR33JFF0ZQ6CYPJT
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 8644
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7533ef4bbaabb4f7-OSL
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/logo-sb.svg
162.210.102.177 200 OK 1.6 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/logo-sb.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash dc71a0b5830a88cb37bc5859ddd6febf
eaa6e0cf855bea15fa29ecb2b1e38b4517abf435
a8c267efe95994a2b7c49ea67e6799970424d0f2321a938a2f04d39655cb394a
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/logo-sb.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1558
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/schedule-redelivery.css
162.210.102.177 200 OK 4.4 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/schedule-redelivery.css
IP 162.210.102.177:0
File type ASCII text, with very long lines (23129), with no line terminators
Hash 3252177236b7daf61bdc994cd80170b2
31a472759757fb84a2a49584ea8ab11e875a3e71
2de46ec7729f0d6233ef9b27443b161eda909cde5654f7c673a865c3180200d1
GET /USPS/torsion2/files/no1/schedule-redelivery.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4428
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/hamburger.svg
162.210.102.177 200 OK 251 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/hamburger.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash 6117d3cf5b5f672ad9663495887f7c39
061ffb7390a757090c8fb4a98377b913e77f9057
92f4c36e86624fbf0798ec53a025dce08a015746547c11dc6c985939f00cedea
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/hamburger.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 251
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/search.svg
162.210.102.177 200 OK 736 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/search.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8a31fb7683d2774d15cb80b2a505f8e5
c291652c4f953dda7e2811fa610a0b220b567729
55e3cf79f04aad31684bc2e714adee2a93ae1b9c0baa9edba53e01c88bcba1f5
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/search.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 736
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/tracking.svg
162.210.102.177 200 OK 783 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/tracking.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8f8bfc4e147a094f652e6e84f8181ccf
0e05a6ae983278a8100b9268c865c698cf0f2814
444bd01aad77fd0bf403f6f3756dbebc3ed5ca3ef3b9cbf3f3aed05df7c0a0bb
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/tracking.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 783
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/location.svg
162.210.102.177 200 OK 1.1 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/location.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0a1ca1ccf5ff9f82ab21211c45a5e6fc
1f2707a14018ac29696b0aa49fb6b3079a40fde4
bcb3cdd4d30cde3422425edcb5590810a5f1cf1567f60ba75e83189515453a98
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/location.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1136
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/stamps.svg
162.210.102.177 200 OK 494 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/stamps.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c4a4a5c3990824ec4564a7690ee04238
a8783c6f91c072e51ef4a3b3299fb05c0cd1d6d0
69e5e6c9816b37c62b32102f0d40da6e1820233d775b65f105bb0c4d77c8e6ba
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/stamps.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 494
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/mailman.svg
162.210.102.177 200 OK 834 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/mailman.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d423014c1b59afeba28f902547cb4064
16e3bf3ed8b60386b0bcdcda6597962d7448e933
8bd2b2bdd887ab7b38dd4d5ac269295b94cabac1b4bb9975e5975771ac1aed4e
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/mailman.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 834
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/calculate_price.svg
162.210.102.177 200 OK 697 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/calculate_price.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 839491f38b357d4730a3872555afe2a3
9fcdb6af212a53ae91acdbdcd634ab0059e3b82a
88d63b973252ac368c7a665f94767f7187cc0f2f33577eb35c4658e138267b23
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/calculate_price.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 697
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/schedule_pickup.svg
162.210.102.177 200 OK 862 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/schedule_pickup.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 34d643de940c21fc6d5e079c4909a5ed
a7b4d82d1a95ea2045c0eb736559825feee5e1b6
c1c979cf93ef93d6ee81e089b3cc1a3b3aa1345ad24e52cc8fae81b64673fe12
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/schedule_pickup.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 862
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/logo_mobile.svg
162.210.102.177 200 OK 851 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/logo_mobile.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 771732e6b2c2a1d1ca6a5b4b037f4364
839ceb5132e83f66a17835133bac5760a05aed46
1dcab98190e88027b2a5decb1ec2443a3f4b7eb2c1da8b399d676f807f83f4f0
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/logo_mobile.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 851
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/find_zip.svg
162.210.102.177 200 OK 731 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/find_zip.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d936a0f125fcd2b02942320f296ed81d
7b882a24563b2b168d9be33677bf3d47c5d563df
46094eb27327e20f1f0f2be6560240bc4b517ef433a62cf33ab2eca665cd6507
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/find_zip.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 731
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/jquery-3.2.1.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/jquery-3.2.1.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/jquery-3.2.1.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/modernizr.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/modernizr.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/modernizr.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/megamenu.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/megamenu.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/megamenu.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/OneLinkUsps.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/OneLinkUsps.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/OneLinkUsps.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/ge-login.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/ge-login.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/ge-login.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/require.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/require.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/require.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/header-init-search.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/header-init-search.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/header-init-search.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/megamenu-additions.js.t%C3%A9l%C3%A9chargement
162.210.102.177 404 Not Found 1.2 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/megamenu-additions.js.t%C3%A9l%C3%A9chargement
IP 162.210.102.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/megamenu-additions.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/main-sb.css
162.210.102.177 200 OK 2.6 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/main-sb.css
IP 162.210.102.177:0
File type ASCII text, with very long lines (8795)
Hash e74dd61f7db91b026d599a1f3ef5ccf3
17a346ea5740c4a6002a4fe318861ad9e4259655
944741f222c00fde620ca5e8a884db580e7d16beb26fb89269ed7803a8cf0646
GET /USPS/torsion2/files/no1/main-sb.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2604
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/footer-sb.css
162.210.102.177 200 OK 798 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/footer-sb.css
IP 162.210.102.177:0
File type ASCII text, with very long lines (3179), with CRLF line terminators
Hash 8b7cab3058476e6b4e7ea4d274668e2a
0c065deaa425d1def273e0de471a1334ff46fc98
85cfd44c755118e839b831e4bbb6940ff14ec672e7cbf32075b706aedd00b973
GET /USPS/torsion2/files/no1/footer-sb.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 798
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/holdmail.svg
162.210.102.177 200 OK 714 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/holdmail.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 258fb1adb2cea710eb2cb49e4a19209d
8afca7c399d8cfe698741011321ce01b11e10264
c0cae2cd29165a7f5faf47f4bce82812a9f18541f97eb2648ba1f16f9f93fdcd
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/holdmail.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 714
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/change_address.svg
162.210.102.177 200 OK 879 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/change_address.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9dbbcb40275fff23cb4baeb72235f9f5
6f9b431a038a3dce39825bb59264dff4f8be21a1
f158040413f4f13d2da5d90e6d3cefb070e0da78c96a5a14efd8055f67fe6485
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/change_address.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 879
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/po_box.svg
162.210.102.177 200 OK 792 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/po_box.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b705487d65fd5617b8f9a25f8458e829
f9f71d6f930361e685eaa5e2f7277ae0beb502b7
d88aab56b5eecdb924dffd7c393d4a57d90a7e39864db70f09348ab3d0380d5c
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/po_box.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 792
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/featured_clicknship.svg
162.210.102.177 200 OK 448 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/featured_clicknship.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Hash b2d3ea1ee277752c7a64b6f73e8adeda
0eca2b23331088c8b34c0de1501b2f8a07b2afb7
818e6ce78cea3591c4a7378f0089b1f98c22c4b35072592607e714bcb52e8514
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/featured_clicknship.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 448
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/go-now.png
162.210.102.177 200 OK 20 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/go-now.png
IP 162.210.102.177:0
File type PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Hash d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289
GET /USPS/torsion2/files/no1/go-now.png HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/png
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-length: 20334
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/go-now(1).png
162.210.102.177 200 OK 8.0 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/go-now(1).png
IP 162.210.102.177:0
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99
GET /USPS/torsion2/files/no1/go-now(1).png HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/png
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-length: 8026
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/go-now(2).png
162.210.102.177 200 OK 32 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/go-now(2).png
IP 162.210.102.177:0
File type PNG image data, 195 x 167, 8-bit/color RGBA, non-interlaced\012- data
Hash 572fc82e3845cdfb11843e27b9d0b11c
94227977268983b68c97418e90bd20b138f6a297
6ed17d6f02e09f54d461213f9887c177d32f4fb0d4eb4209bb90a5c839865d90
GET /USPS/torsion2/files/no1/go-now(2).png HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/png
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-length: 32151
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/go-now(3).png
162.210.102.177 200 OK 20 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/go-now(3).png
IP 162.210.102.177:0
File type PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 6311ef7a60f86d77aa48fcc48a675a31
96bc8b2fe87b126ffbf0d7b7ad8419661cb6bd9c
70d715475fb0a4756fc65c50cbb2cf0ca15f7311efc6c54b18e045e6ab202251
GET /USPS/torsion2/files/no1/go-now(3).png HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/png
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-length: 19969
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/go-now(4).png
162.210.102.177 200 OK 22 kB URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/go-now(4).png
IP 162.210.102.177:0
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed
GET /USPS/torsion2/files/no1/go-now(4).png HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/png
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-length: 22133
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rediregetps.com/USPS/torsion2/files/no1/free_boxes.svg
162.210.102.177 200 OK 589 B URL HTTP/2 rediregetps.com/USPS/torsion2/files/no1/free_boxes.svg
IP 162.210.102.177:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6941514a626be0afaecf226056aceb8e
9eea1b943c92ac6832adc1e563c7352a193b5346
ed76b610151120054b3bcfd94090c46160d437322353af63876423fdca09b358
Analyzer Verdict Alert fortinet Phishing
GET /USPS/torsion2/files/no1/free_boxes.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 589
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.80 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.80:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 01 Oct 2022 08:33:21 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 01 Oct 2022 09:12:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f5db034a9eef3b097715a6b5d2c824a8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: SLL9aGcjW5UPPQzLXac0adUDJDeAgWxcaF2tXeBGDiiJikSKyCgbtg==
Age: 886
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d1be374a29f94481ff2c021e35f4eaa0
e05e92d94b5e434e9935e560fd8dc33bdc393aea
37a5132d2183f5c3bfaac5c89df691fea72cac4423110df88bdeb231f430deee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5567
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 08:47:39 GMT
Last-Modified: Sat, 01 Oct 2022 07:14:52 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.usps.com/assets/images/home/find_zip.svg
192.229.221.165 200 OK 793 B URL HTTP/2 www.usps.com/assets/images/home/find_zip.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4b74917936300819402d564909e39a34
82c09f9b1fa78724d4843b28f12c52e8bb218f2a
d7178ea719cbe6f11c5da374dc26908b1ad0d05d34a33cd6e6d701f5e05c209b
GET /assets/images/home/find_zip.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26838
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "5bf-5494e7ed94c00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:08 GMT
server: ECAcc (dcb/7ECC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 793
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/utility_languages.png
192.229.221.165 200 OK 1.5 kB URL HTTP/2 www.usps.com/assets/images/home/utility_languages.png
IP 192.229.221.165:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 410956805d5701e87299cff412827e1a
5de9a390649dfc12e3d6df431140d499ad8abd67
6e727dbf5b0f4a3ec76762e445ad2c5cb750f7de41afb8b0342f903124d09826
GET /assets/images/home/utility_languages.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 27273
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "5b0-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7E8E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1456
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/schedule_pickup.svg
192.229.221.165 200 OK 923 B URL HTTP/2 www.usps.com/assets/images/home/schedule_pickup.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9f9e044f92360c82183e3a31b774e7b2
273798ee8d4dead89367b835cdb7f65f51e81b47
e4b7ae480aae11558a890826cde2cc6fa10039a787052dfc72cdad3e7a772373
GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27403
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "6ef-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/732F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 923
X-Firefox-Spdy: h2
www.usps.com/global-elements/header/images/utility-header/search.svg
192.229.221.165 200 OK 795 B URL HTTP/2 www.usps.com/global-elements/header/images/utility-header/search.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 78562ea313af96eca6581054fdbbc76c
b0f3fd320af131b3787b39c864ecac52de12a75e
7932a41ccc861366f60896fe808612a1361c85d654aef21c5d54f7673141c0a9
GET /global-elements/header/images/utility-header/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26827
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "5b9-549b126599f40+gzip"
last-modified: Wed, 01 Mar 2017 20:28:05 GMT
server: ECAcc (dcb/7ECE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/tracking.svg
192.229.221.165 200 OK 844 B URL HTTP/2 www.usps.com/assets/images/home/tracking.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 04034bbe69ef912819cee070ff866703
2c96d71004568c2b460a7f8b796ae45ad89999ec
959755a6f38fb278acd6abb223db552ecf757c291f437149663009aafb83a181
GET /assets/images/home/tracking.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 43716
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "619-5494e7f71e280+gzip"
last-modified: Fri, 24 Feb 2017 22:46:18 GMT
server: ECAcc (dcb/7E95)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 844
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/holdmail.svg
192.229.221.165 200 OK 768 B URL HTTP/2 www.usps.com/assets/images/home/holdmail.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 2f40bbb9da0d97f2ba3f3efcfd7533af
34c76f88cdda4be234b58a76e466bc7a972f14ea
f1d176e77951f74582e7e311d99f98f7ce582bdb30051987f257eb3393ee2069
GET /assets/images/home/holdmail.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27500
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "5a8-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7EFC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 768
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/po_box.svg
192.229.221.165 200 OK 848 B URL HTTP/2 www.usps.com/assets/images/home/po_box.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a1feed192f3aca7fd02c00b6ee45bb07
fce52b953f90a873186cd2c3ddb26dcca41884be
88dcd2a8a6b055bf63763c0a86338f33b09a257c89e26a5ae6a364becf1ac122
GET /assets/images/home/po_box.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27447
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "667-5494e7f259740+gzip"
last-modified: Fri, 24 Feb 2017 22:46:13 GMT
server: ECAcc (dcb/7FD5)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 848
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/collectors.svg
192.229.221.165 200 OK 561 B URL HTTP/2 www.usps.com/test/nav/images/collectors.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8439e88bd2e43656b157f9c184635032
ddcb40776177a5eac36973e53f2f8bab73e65ea3
5ea3f924c3453a9b8a3f79251377f385f83c8cf9618129427795adf186b9338e
GET /test/nav/images/collectors.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27417
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "461-560f10f803ac0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:27 GMT
server: ECAcc (dcb/7FEB)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 561
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/change_address.svg
192.229.221.165 200 OK 935 B URL HTTP/2 www.usps.com/assets/images/home/change_address.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6c6d11d6d4ad880538ac8b3c9b244e35
d2f5a684574f89a8bdac4ac35508dc29c61e9771
7d2bde4b550c48e86e4d1c6a106d195b5a259f74e2ceeab0772712d356ae7eb9
GET /assets/images/home/change_address.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27498
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "74d-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/733A)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 935
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/gifts.svg
192.229.221.165 200 OK 590 B URL HTTP/2 www.usps.com/test/nav/images/gifts.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e97f9908f9eef2a76ea4f48e00196980
f32d5a4b791567c690ea7095d93bec78e422db40
ad60c73a39b0fcd4b311654aab6f3954edb03f37034ad5567cf9f69d63d905f4
GET /test/nav/images/gifts.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27107
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "3ee-560f10e9b5900+gzip"
last-modified: Fri, 22 Dec 2017 17:22:12 GMT
server: ECAcc (dcb/7378)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 590
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/search.svg
192.229.221.165 200 OK 795 B URL HTTP/2 www.usps.com/assets/images/home/search.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ccfe748c6040d78e356b03d1a731585e
3e15bb471b3c3d0a5cebc3ccd137b5daf9273b7e
9a1b75fecaa2e0de127c36ddbb63c1bc2c44b3f81eed395734dee1ce837162fe
GET /assets/images/home/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26839
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "5b9-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7F4B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/cards-and-envelopes.svg
192.229.221.165 200 OK 1.1 kB URL HTTP/2 www.usps.com/test/nav/images/cards-and-envelopes.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5d63c3636efb2bbcb327ed13b714367b
c7e326811c101213173c2a585d1e9700731816ed
c63dd4b3239df8b0709202228ad62b9e06ec96c346d8f86f9e33a554973b795f
GET /test/nav/images/cards-and-envelopes.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 75713
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "8a9-560f10e8c16c0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:11 GMT
server: ECAcc (dcb/7F6F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1056
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/location.svg
192.229.221.165 200 OK 1.2 kB URL HTTP/2 www.usps.com/assets/images/home/location.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9d8433f178d5a7b839a8bf25552c62b0
c21cec68e524862992f4aa51bf6955b953a65112
d01cb5a23f9b7f4a0a3db27cfd3d90e3813e75ed498fdbabe4df3a859390bd4f
GET /assets/images/home/location.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27026
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "a1a-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7F25)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1209
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/utility_customer_service.png
192.229.221.165 200 OK 1.3 kB URL HTTP/2 www.usps.com/assets/images/home/utility_customer_service.png
IP 192.229.221.165:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 3500d365cd94527c71fe9c70d5cda435
0c7bede628d74cefaf5fce1b675c0ce3c72c78c9
34b28a24c5414dab68a15be6613536d905faf33fbf1aed8ee4702caa60be9bca
GET /assets/images/home/utility_customer_service.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 26942
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "51b-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7EB6)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1307
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/calculate_price.svg
192.229.221.165 200 OK 772 B URL HTTP/2 www.usps.com/assets/images/home/calculate_price.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 42af7d5484bf8f80ac930313caa5941f
c3dbaf338d7fa81845487333c0cba5b8341bd140
f8f9b52e8d7b815deba988cfcdc6596e9e7b6671075907290c8e96679b18fb2c
GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27468
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/7304)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/business.svg
192.229.221.165 200 OK 689 B URL HTTP/2 www.usps.com/test/nav/images/business.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3b81ef43fc5b08bab4155c5fed116dc9
a5a804fb2f8f51b3e588d4edb01752eba0380f8d
a513b0f2fb200e9cf7b30ccfbde98f79e87a027c256d99f3159ad22dcb5cc4cb
GET /test/nav/images/business.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27444
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "4d2-560f10e7cd480+gzip"
last-modified: Fri, 22 Dec 2017 17:22:10 GMT
server: ECAcc (dcb/7FBE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 689
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/stamps.svg
192.229.221.165 200 OK 551 B URL HTTP/2 www.usps.com/assets/images/home/stamps.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 780aa534eb1541ac0834489beafdeea2
2593cddb6c1b7505016d3c1138e16ff556e42166
c2a1858fe0517c4c928dad150f22710f1771c1b43b92b79ceb0b20e44db61ee8
GET /assets/images/home/stamps.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1234
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "44f-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7EC4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 551
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/featured_clicknship.svg
192.229.221.165 200 OK 493 B URL HTTP/2 www.usps.com/assets/images/home/featured_clicknship.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Hash efb53558ef3932a80523af92bdda2085
1a97f57d64bc76f296423e1ddbdba9bc71b6d754
f0a25ce9d4e04e6b12bfc528584d599d5e472238849b0e1c66ff5357058d38fe
GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27552
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dcb/7F6B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2
tools.usps.com/global-elements/header/images/utility-header/mailman.svg
192.229.221.165 200 OK 904 B URL HTTP/2 tools.usps.com/global-elements/header/images/utility-header/mailman.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4bb1afb6143cb1307585f007399e0e4
7d28cd35cbdb8427d4a12274c3f455e57f4742e0
06410c31087cff92e7842a2e6aaef3b5b114192f77e2b652283250fdca6d5e30
GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
age: 62605
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "723-55885af730a40+gzip"
last-modified: Wed, 06 Sep 2017 13:54:41 GMT
server: ECAcc (dcb/7311)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 904
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.253.52 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.253.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7IUYIPctxozKs8EoqXzkeA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: p6Ii0kwallWKhKpXOsA/2sAtG7w=
www.usps.com/test/nav/images/shipping-supplies.svg
192.229.221.165 200 OK 1.3 kB URL HTTP/2 www.usps.com/test/nav/images/shipping-supplies.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7a8b39b328ba3e776e643f66844896e8
7a400d0f33c592651da919c728a30e46207a9449
05140d52bba76b4464360b852c3b78227cc2865c4512bf0010ee666f0c985f99
GET /test/nav/images/shipping-supplies.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27031
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "9f8-560f10eaa9b40+gzip"
last-modified: Fri, 22 Dec 2017 17:22:13 GMT
server: ECAcc (dcb/731F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1282
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F7BB)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F779)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F7B7)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F6BE)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F7A8)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F6EC)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4596
Expires: Sat, 01 Oct 2022 10:04:16 GMT
Date: Sat, 01 Oct 2022 08:47:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4596
Expires: Sat, 01 Oct 2022 10:04:16 GMT
Date: Sat, 01 Oct 2022 08:47:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4596
Expires: Sat, 01 Oct 2022 10:04:16 GMT
Date: Sat, 01 Oct 2022 08:47:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4596
Expires: Sat, 01 Oct 2022 10:04:16 GMT
Date: Sat, 01 Oct 2022 08:47:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21e55a6ca7350ed834993a486e138de1
c09ee0f2be578f0067b2ed0237d565a04438147e
124ca8ae6e3f7c7bb28f0d47fa693753884261ed61896eccf7bc13f249fc8960
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6959
x-amzn-requestid: eaf91f33-2fe3-4ed5-b89c-6199c2f17651
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCF6toAMFSDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-3b8c7f290ffda97b2d179433;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qAOX_0r1sA_Bzn-UjQXmLObAYDyjiTU45aNSOPFt8ucUOyKfrw5ieg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:59 GMT
age: 39281
etag: "c09ee0f2be578f0067b2ed0237d565a04438147e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d31a422078d02bda318c693c05a58dc
2df7db53629c7adda2c0a4dfe9c17791b73a75e1
a07fe4e135b52da6dfa9d8a55684f0a3bf5f5ce52c4064c8ab37836a939902a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8299
x-amzn-requestid: 91eed6b6-632f-472b-93d7-4192425fcdfd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF0SoAMFWgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-17bb04894cc786555d693ec3;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pt23XcORl063B99HGVhjQwBrS36T7GBIAQO7StLrEH8PKIc4edxQwQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:55 GMT
age: 39285
etag: "2df7db53629c7adda2c0a4dfe9c17791b73a75e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4be456dbe857580c7b4c7fca3936e04e
49798c4a15545a49f3870b2a16af78dbf8e168cc
23e42987d5e9939424d5f4e4fe0c38faf20a221732097927dd4a656199d9d315
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10201
x-amzn-requestid: 62562627-78a8-4c17-bf6c-b2c986b9ee8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCFH3IAMFoFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-69637d745165485171ca73b9;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9wh9cCXRRlyQy8kXzSCNzMQSmac9iwgkRBrgyTtaMr6m2vXPRxVogg==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:55:26 GMT
etag: "49798c4a15545a49f3870b2a16af78dbf8e168cc"
content-type: image/jpeg
age: 39134
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F3fk5JnJ9ZFNPan-8DuLb4kuTiYKfniBar3qNlsuqd8a0saW3sEGvQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 04:41:31 GMT
age: 14769
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc003298b-5703-480c-8a4c-fffa9abe5028.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc003298b-5703-480c-8a4c-fffa9abe5028.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9466667cfaaedbb374259e8fb8dd63e3
0cd9a66508c343b43b095ac7f550919ec35097d3
bb70996bea518ba4ddc2c269e9a7c9bea3a9c91fed124a29570828b89250764c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc003298b-5703-480c-8a4c-fffa9abe5028.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8091
x-amzn-requestid: 78ccaa77-230e-4aa1-a409-7b2a444df9ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF_OIAMFpdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-0384396f2ed848bc1c17e1b7;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G75a-PITD4Wmlxxk_rrpRWNytSGNZlrL_JeoR4A_w6vshDkmRlouPw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:58 GMT
age: 39282
etag: "0cd9a66508c343b43b095ac7f550919ec35097d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46fd1600-2a91-4b2c-8b8b-5f8bdd64364a.jpeg
34.120.237.76 200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46fd1600-2a91-4b2c-8b8b-5f8bdd64364a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0de8b7bbf1fbb1da9d346d6995a7b7a4
0ff6e67904c9e00a4e3dda9e5ef2007ec7426018
9c1e15fd02fb1129821410b33b60b3fede2338f7971bfd93b1547d12255d840b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46fd1600-2a91-4b2c-8b8b-5f8bdd64364a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3885
x-amzn-requestid: 6e42fb31-7c36-4551-b124-b4a31807a223
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlUaFjXIAMFbrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f4f-54e426f20cdec55272e3b9ec;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QEzjyCz02zrS4ZKJfaSPDI95gZJCMS8LrusxCQtsx1PjSkEYQwG0Ww==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 23:55:27 GMT
age: 31933
etag: "0ff6e67904c9e00a4e3dda9e5ef2007ec7426018"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2