Report - rediregetps.com/USPS/torsion2/pages/sms.php

Report Overview

Submitted URL
rediregetps.com/USPS/torsion2/pages/sms.php
IP
162.210.102.177
ASN
#32748 STEADFAST
Submitted
2022-10-01 08:47:49
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
72

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
rediregetps.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	56 kB	230 kB	162.210.102.177
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.3 kB	93.184.220.29
www.usps.com	11794	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	42 kB	192.229.221.165
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.165.201.80
fast.fonts.net	2905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	581 B	577 B	104.17.224.78
tools.usps.com	12881	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	1.3 kB	192.229.221.165
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.43.253.52
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	50 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-30	medium	rediregetps.com/USPS/torsion2/pages/sms.php	United States Postal Service

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-01	medium	rediregetps.com/USPS/torsion2/pages/sms.php	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/jquery.min.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/metrics-all.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/optimize.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/trackingCode.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/require-jquery.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/helpers.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/search-fe.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/jquery.min.js(1).t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/resize-manager.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/jquery-3.5.1.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/logo-sb.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/hamburger.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/search.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/tracking.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/location.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/stamps.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/mailman.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/calculate_price.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/schedule_pickup.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/logo_mobile.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/find_zip.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/jquery-3.2.1.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/modernizr.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/megamenu.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/OneLinkUsps.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/ge-login.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/require.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/header-init-search.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/megamenu-additions.js.t%C3%A9l%C3%A9chargement	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/holdmail.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/change_address.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/po_box.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/featured_clicknship.svg	Phishing
2022-10-01	medium	rediregetps.com/USPS/torsion2/files/no1/free_boxes.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	rediregetps.com/USPS/torsion2/pages/sms.php	24 B	2023-03-07	2024-04-19
Pretty URL rediregetps.com/USPS/torsion2/pages/sms.php IP 162.210.102.177 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 17:50:06 Times Seen5675 Hash 56d62f55706e2e153678329e7bcd94d8 c00d14b88b1fa94b12c0aafb761e676e73758fc9 6949901ccecaa8c8c40ac181981a5a291b81648a0a5ab42223db4875bdd5235c Loading...

	rediregetps.com/USPS/torsion2/pages/sms.php	25 B	2023-03-07	2024-04-19
Pretty URL rediregetps.com/USPS/torsion2/pages/sms.php IP 162.210.102.177 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 17:50:06 Times Seen1997 Hash f467b64f19191da4e5c8ac5b4edb02b2 7abcaf406c9ff382bd7f7c75c7653fbff03f0410 33c959a2c76326692f3647ba8d01dc64c6374357f098dea1db067a974843b526 Loading...

HTTP Transactions (99)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6379
Expires: Sat, 01 Oct 2022 10:33:57 GMT
Date: Sat, 01 Oct 2022 08:47:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4a22d2eb50abe339ba0b974642de3650
af15bc424a715a3b8d77e4948a9e152a3ba87ede
dff04734315b51fc11069e2d21b5be37b03d28ad01986e1ae2c96afc6ba31859

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14436
Expires: Sat, 01 Oct 2022 12:48:14 GMT
Date: Sat, 01 Oct 2022 08:47:38 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

18.165.201.80

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.165.201.80:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 08:02:27 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 955b5f6b59fedae13d00dcc66f7085f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 1FCpm08WsQxKWZM5hgWZyDsqWPsmdk73Ezf51YBXN-xtdZ1cfjawCQ==
Age: 2711

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 0EQ9vbQ2w+DH2NhJt4uJC9OVGMId2NPZ9aqFWPcZrVMZrgZifkXo/5mVKohPR75JJHmBNHWH8zw=
x-amz-request-id: SVZV44TCSPAS6Q55
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 01 Oct 2022 07:51:49 GMT
age: 3349
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/pages/sms.php

162.210.102.177

200 OK

9.3 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/pages/sms.php
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1057)
Size
9.3 kB (9250 bytes)
Hash
2870853f8f0733cfa2c0f8d35864a891
9b097a40bf258b72a0c271303b749d85e56b781e
a3349c200d708201c8a6c86756db9390a59f71187391556eeaae98fb69503d86

Detections

Analyzer	Verdict	Alert
openphish	United States Postal Service
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/pages/sms.php HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 9250
content-encoding: br
vary: Accept-Encoding
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 08:47:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/jquery.min.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/jquery.min.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/jquery.min.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/metrics-all.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/metrics-all.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/metrics-all.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/optimize.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/optimize.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/optimize.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/footer.css

162.210.102.177

200 OK

809 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/footer.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (2933), with no line terminators
Size
809 B (809 bytes)
Hash
d971a7637f56e0dc4cf0fdb80f808a3c
ca16f125643ea88e75c12ab6d5e5370b97c852d9
efb7ba97d98b9f86045b51abf1e031ec7d8abfe81469c249d1e5e424bc22949a

HTTP Headers

GET /USPS/torsion2/files/no1/footer.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 809
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/bootstrap.min.css

162.210.102.177

200 OK

18 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/bootstrap.min.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (65371)
Size
18 kB (18216 bytes)
Hash
48ffddcd2a2d788c86f4fb0554e1767e
cd88db8a9506edf1b59094f059bce9de4eef0a20
8fcb085d3cddbc9cfeb246e2e5a90939bcbae0d4b7268ce93f6032beb153f6aa

HTTP Headers

GET /USPS/torsion2/files/no1/bootstrap.min.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18216
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/calendar.css

162.210.102.177

200 OK

2.4 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/calendar.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (14589), with no line terminators
Size
2.4 kB (2409 bytes)
Hash
77298a269e193797cf3887b9d81dd281
14fb65a29ed6efee423a61399882040e1361e1a6
3822ab21b74ce81082b0a4eedef8d86f89c934be0f0de9ee5b7015e4a7a31be6

HTTP Headers

GET /USPS/torsion2/files/no1/calendar.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2409
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/datepicker3.css

162.210.102.177

200 OK

2.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/datepicker3.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (20872)
Size
2.2 kB (2201 bytes)
Hash
434ef40882cf76e3a14f2479fd563e56
d58caaad57ab154075db63231077ab7f0f2e7ae3
30a70e51276444fe1bd03accc93755ff155683132c07b4ba8f10ac41f4c2ce1e

HTTP Headers

GET /USPS/torsion2/files/no1/datepicker3.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2201
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/main.css

162.210.102.177

200 OK

13 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/main.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (49556)
Size
13 kB (13174 bytes)
Hash
3912db7c62c04aeac2c9a6159e919181
5fae4b8fbfc142feaee79ee1ed7d47f281ece54f
3ed1b08cb5d050674ab9871ebd15d3f1893028f5ce9cf731300d4c0276ce3312

HTTP Headers

GET /USPS/torsion2/files/no1/main.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13174
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/tracking-cross-sell.css

162.210.102.177

200 OK

900 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/tracking-cross-sell.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (3075), with no line terminators
Size
900 B (900 bytes)
Hash
a621018b4ec82dc0ecfe53a1be7c7127
98b1bd5d346965c091af17c1af55f6b096f8afaa
9fcf387e962cb09871c6c1db98ab55c873ea10f8c708287d1523e7f5e4b74e38

HTTP Headers

GET /USPS/torsion2/files/no1/tracking-cross-sell.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 900
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/jquery-ui.min.css

162.210.102.177

200 OK

7.3 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/jquery-ui.min.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (29153)
Size
7.3 kB (7297 bytes)
Hash
4908ac11fd6492067e3ef9f486605c41
c30b4d7c00a471ae6c50b0ca9163eafd382e92ed
80e33b32ffcbf0dffdfa241a124ecd87476df1174e2771daab7122df68403db2

HTTP Headers

GET /USPS/torsion2/files/no1/jquery-ui.min.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7297
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/trackingCode.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/trackingCode.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/trackingCode.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/require-jquery.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/require-jquery.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/require-jquery.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/helpers.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/helpers.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/helpers.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/search-fe.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/search-fe.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/search-fe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/qt.css

162.210.102.177

200 OK

8.7 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/qt.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1599), with CRLF, LF line terminators
Size
8.7 kB (8718 bytes)
Hash
bc1c6a51fad84d452feddb6957545c55
75e265c66b847019ea0c2b7d4ff3df51e26664f1
e68c1bbef33bc6de5383fa8ef543413ba28fe7ea1d2ddbd0b03263bbbd7fed86

HTTP Headers

GET /USPS/torsion2/files/no1/qt.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8718
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/jquery.min.js(1).t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/jquery.min.js(1).t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/jquery.min.js(1).t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/resize-manager.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/resize-manager.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/resize-manager.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/1.css

162.210.102.177

200 OK

0 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/1.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /USPS/torsion2/files/no1/1.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:50 GMT
accept-ranges: bytes
content-length: 0
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/jquery-3.5.1.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/jquery-3.5.1.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/jquery-3.5.1.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/megamenu-v2.css

162.210.102.177

200 OK

6.6 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/megamenu-v2.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (44725), with no line terminators
Size
6.6 kB (6611 bytes)
Hash
cfce275cb2097acd32bce0cd4b431552
34d0a0fd9fbf6e93d378dd8a89546646fa77f206
ac3f33b6fb92249d57fd2f3f15babf191af2db6240c1cbc479bab97488795516

HTTP Headers

GET /USPS/torsion2/files/no1/megamenu-v2.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6611
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
fab8d37be9f23fb57d7766e89ea9844f
596ef7092de49047d967d3e7bc1216d3533b768a
19f5dba1058d94f0dae4581780d78b426413c3caadc3b9fe5edf67637bcfb111

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1525
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 08:47:38 GMT
Last-Modified: Sat, 01 Oct 2022 08:22:13 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279

fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0

104.17.224.78

200 OK

0 B

URL HTTP/2
fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
IP
104.17.224.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Cookie: __cf_bm=OzpBlfVfo.IwaNJtg69VofvNdK4IL0y8XTciYhTl3MI-1664614013-0-AYTSGKEbRy4g9dQIfo894d5V7xwSo1B5/AC1M8i+3XtDVRtDb/dj7jt9w+p0diVr11XceFwzGifxk+kvbwORCdk=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 01 Oct 2022 08:47:38 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: T0ZH1hXNoB6jtguc1LneBuShAW+pnL1xXkATYgstf9s/Ek+CPWrz2AkHZOlSFb4Uzx1M4Yl24Z8=
x-amz-request-id: PR33JFF0ZQ6CYPJT
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 8644
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7533ef4bbaabb4f7-OSL
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/logo-sb.svg

162.210.102.177

200 OK

1.6 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/logo-sb.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.6 kB (1558 bytes)
Hash
dc71a0b5830a88cb37bc5859ddd6febf
eaa6e0cf855bea15fa29ecb2b1e38b4517abf435
a8c267efe95994a2b7c49ea67e6799970424d0f2321a938a2f04d39655cb394a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/logo-sb.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1558
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/schedule-redelivery.css

162.210.102.177

200 OK

4.4 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/schedule-redelivery.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (23129), with no line terminators
Size
4.4 kB (4428 bytes)
Hash
3252177236b7daf61bdc994cd80170b2
31a472759757fb84a2a49584ea8ab11e875a3e71
2de46ec7729f0d6233ef9b27443b161eda909cde5654f7c673a865c3180200d1

HTTP Headers

GET /USPS/torsion2/files/no1/schedule-redelivery.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4428
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/hamburger.svg

162.210.102.177

200 OK

251 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/hamburger.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Size
251 B (251 bytes)
Hash
6117d3cf5b5f672ad9663495887f7c39
061ffb7390a757090c8fb4a98377b913e77f9057
92f4c36e86624fbf0798ec53a025dce08a015746547c11dc6c985939f00cedea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/hamburger.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 251
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/search.svg

162.210.102.177

200 OK

736 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/search.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
736 B (736 bytes)
Hash
8a31fb7683d2774d15cb80b2a505f8e5
c291652c4f953dda7e2811fa610a0b220b567729
55e3cf79f04aad31684bc2e714adee2a93ae1b9c0baa9edba53e01c88bcba1f5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/search.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 736
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/tracking.svg

162.210.102.177

200 OK

783 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/tracking.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
783 B (783 bytes)
Hash
8f8bfc4e147a094f652e6e84f8181ccf
0e05a6ae983278a8100b9268c865c698cf0f2814
444bd01aad77fd0bf403f6f3756dbebc3ed5ca3ef3b9cbf3f3aed05df7c0a0bb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/tracking.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 783
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/location.svg

162.210.102.177

200 OK

1.1 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/location.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1136 bytes)
Hash
0a1ca1ccf5ff9f82ab21211c45a5e6fc
1f2707a14018ac29696b0aa49fb6b3079a40fde4
bcb3cdd4d30cde3422425edcb5590810a5f1cf1567f60ba75e83189515453a98

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/location.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1136
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/stamps.svg

162.210.102.177

200 OK

494 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/stamps.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
494 B (494 bytes)
Hash
c4a4a5c3990824ec4564a7690ee04238
a8783c6f91c072e51ef4a3b3299fb05c0cd1d6d0
69e5e6c9816b37c62b32102f0d40da6e1820233d775b65f105bb0c4d77c8e6ba

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/stamps.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 494
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/mailman.svg

162.210.102.177

200 OK

834 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/mailman.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
834 B (834 bytes)
Hash
d423014c1b59afeba28f902547cb4064
16e3bf3ed8b60386b0bcdcda6597962d7448e933
8bd2b2bdd887ab7b38dd4d5ac269295b94cabac1b4bb9975e5975771ac1aed4e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/mailman.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 834
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/calculate_price.svg

162.210.102.177

200 OK

697 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/calculate_price.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
697 B (697 bytes)
Hash
839491f38b357d4730a3872555afe2a3
9fcdb6af212a53ae91acdbdcd634ab0059e3b82a
88d63b973252ac368c7a665f94767f7187cc0f2f33577eb35c4658e138267b23

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/calculate_price.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 697
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/schedule_pickup.svg

162.210.102.177

200 OK

862 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/schedule_pickup.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
862 B (862 bytes)
Hash
34d643de940c21fc6d5e079c4909a5ed
a7b4d82d1a95ea2045c0eb736559825feee5e1b6
c1c979cf93ef93d6ee81e089b3cc1a3b3aa1345ad24e52cc8fae81b64673fe12

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/schedule_pickup.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 862
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/logo_mobile.svg

162.210.102.177

200 OK

851 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/logo_mobile.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
851 B (851 bytes)
Hash
771732e6b2c2a1d1ca6a5b4b037f4364
839ceb5132e83f66a17835133bac5760a05aed46
1dcab98190e88027b2a5decb1ec2443a3f4b7eb2c1da8b399d676f807f83f4f0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/logo_mobile.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 851
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/find_zip.svg

162.210.102.177

200 OK

731 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/find_zip.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
731 B (731 bytes)
Hash
d936a0f125fcd2b02942320f296ed81d
7b882a24563b2b168d9be33677bf3d47c5d563df
46094eb27327e20f1f0f2be6560240bc4b517ef433a62cf33ab2eca665cd6507

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/find_zip.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 731
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/jquery-3.2.1.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/jquery-3.2.1.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/jquery-3.2.1.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/modernizr.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/modernizr.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/modernizr.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/megamenu.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/megamenu.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/megamenu.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/OneLinkUsps.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/OneLinkUsps.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/OneLinkUsps.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/ge-login.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/ge-login.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/ge-login.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/require.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/require.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/require.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/header-init-search.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/header-init-search.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/header-init-search.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/megamenu-additions.js.t%C3%A9l%C3%A9chargement

162.210.102.177

404 Not Found

1.2 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/megamenu-additions.js.t%C3%A9l%C3%A9chargement
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/megamenu-additions.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/main-sb.css

162.210.102.177

200 OK

2.6 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/main-sb.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (8795)
Size
2.6 kB (2604 bytes)
Hash
e74dd61f7db91b026d599a1f3ef5ccf3
17a346ea5740c4a6002a4fe318861ad9e4259655
944741f222c00fde620ca5e8a884db580e7d16beb26fb89269ed7803a8cf0646

HTTP Headers

GET /USPS/torsion2/files/no1/main-sb.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2604
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/footer-sb.css

162.210.102.177

200 OK

798 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/footer-sb.css
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (3179), with CRLF line terminators
Size
798 B (798 bytes)
Hash
8b7cab3058476e6b4e7ea4d274668e2a
0c065deaa425d1def273e0de471a1334ff46fc98
85cfd44c755118e839b831e4bbb6940ff14ec672e7cbf32075b706aedd00b973

HTTP Headers

GET /USPS/torsion2/files/no1/footer-sb.css HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 09:48:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 798
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/holdmail.svg

162.210.102.177

200 OK

714 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/holdmail.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
714 B (714 bytes)
Hash
258fb1adb2cea710eb2cb49e4a19209d
8afca7c399d8cfe698741011321ce01b11e10264
c0cae2cd29165a7f5faf47f4bce82812a9f18541f97eb2648ba1f16f9f93fdcd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/holdmail.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 714
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/change_address.svg

162.210.102.177

200 OK

879 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/change_address.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
879 B (879 bytes)
Hash
9dbbcb40275fff23cb4baeb72235f9f5
6f9b431a038a3dce39825bb59264dff4f8be21a1
f158040413f4f13d2da5d90e6d3cefb070e0da78c96a5a14efd8055f67fe6485

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/change_address.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 879
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/po_box.svg

162.210.102.177

200 OK

792 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/po_box.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
792 B (792 bytes)
Hash
b705487d65fd5617b8f9a25f8458e829
f9f71d6f930361e685eaa5e2f7277ae0beb502b7
d88aab56b5eecdb924dffd7c393d4a57d90a7e39864db70f09348ab3d0380d5c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/po_box.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 792
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/featured_clicknship.svg

162.210.102.177

200 OK

448 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/featured_clicknship.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Size
448 B (448 bytes)
Hash
b2d3ea1ee277752c7a64b6f73e8adeda
0eca2b23331088c8b34c0de1501b2f8a07b2afb7
818e6ce78cea3591c4a7378f0089b1f98c22c4b35072592607e714bcb52e8514

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/featured_clicknship.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 448
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/go-now.png

162.210.102.177

200 OK

20 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/go-now.png
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20334 bytes)
Hash
d0dad9004bae0df70b06b75557b1df62
4a080764de6b97902413f5c836432a30da348517
2ff8048ab175abf501e134d00a973ca31a7b0de09c2777eab0a2c9dc07ca0289

HTTP Headers

GET /USPS/torsion2/files/no1/go-now.png HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/png
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-length: 20334
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/go-now(1).png

162.210.102.177

200 OK

8.0 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/go-now(1).png
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (8026 bytes)
Hash
49754396635190a6532dd376acc76ee1
526df243e2adbf5719b082c5e04190ed40209ccd
0962cc2915393132882747bf55b069572324019764af92ec02d5d0249bfdff99

HTTP Headers

GET /USPS/torsion2/files/no1/go-now(1).png HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/png
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-length: 8026
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/go-now(2).png

162.210.102.177

200 OK

32 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/go-now(2).png
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
PNG image data, 195 x 167, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (32151 bytes)
Hash
572fc82e3845cdfb11843e27b9d0b11c
94227977268983b68c97418e90bd20b138f6a297
6ed17d6f02e09f54d461213f9887c177d32f4fb0d4eb4209bb90a5c839865d90

HTTP Headers

GET /USPS/torsion2/files/no1/go-now(2).png HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/png
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-length: 32151
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/go-now(3).png

162.210.102.177

200 OK

20 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/go-now(3).png
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19969 bytes)
Hash
6311ef7a60f86d77aa48fcc48a675a31
96bc8b2fe87b126ffbf0d7b7ad8419661cb6bd9c
70d715475fb0a4756fc65c50cbb2cf0ca15f7311efc6c54b18e045e6ab202251

HTTP Headers

GET /USPS/torsion2/files/no1/go-now(3).png HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/png
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-length: 19969
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/go-now(4).png

162.210.102.177

200 OK

22 kB

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/go-now(4).png
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22133 bytes)
Hash
22ab573e325c944450873345437b0887
0446e4d20c824d38ef4d427cf7e025c8f034f11a
d8573e3e13b1fb40173ea39d5e7fc1b935ae1239b9ca37ac3d7fedf3d966f4ed

HTTP Headers

GET /USPS/torsion2/files/no1/go-now(4).png HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/png
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-length: 22133
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

rediregetps.com/USPS/torsion2/files/no1/free_boxes.svg

162.210.102.177

200 OK

589 B

URL HTTP/2
rediregetps.com/USPS/torsion2/files/no1/free_boxes.svg
IP
162.210.102.177:0
ASN
#32748 STEADFAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
589 B (589 bytes)
Hash
6941514a626be0afaecf226056aceb8e
9eea1b943c92ac6832adc1e563c7352a193b5346
ed76b610151120054b3bcfd94090c46160d437322353af63876423fdca09b358

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /USPS/torsion2/files/no1/free_boxes.svg HTTP/1.1
Host: rediregetps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/USPS/torsion2/pages/sms.php
Cookie: _gcl_au=1.1.610699267.1664614010; _rdt_uuid=1664614010391.2e03825c-68f5-4b9b-a035-cb48c47ec30d; _scid=f207e50e-4987-4168-8844-62af04db75ea; _ga=GA1.2.1470387633.1664614011; _gid=GA1.2.668526756.1664614011; _dc_gtm_UA-80133954-3=1; _uetsid=9783f7c0416511edbf0067fde9d09da3; _uetvid=9783ed10416511edbda3c110e9541cfe; _fbp=fb.1.1664614011172.620004445; _clck=1wrsaus|1|f5c|0; _pin_unauth=dWlkPU1ESTVZV0U0TTJZdE16Vm1aUzAwTURjMkxUZzVNbVF0WVRrMVpXSmlaR0ppTkRObA; mdLogger=false; kampyleUserSession=1664614011513; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _clsk=1fj84v2|1664614011932|1|0|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 08 Oct 2022 08:47:38 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 09:48:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 589
date: Sat, 01 Oct 2022 08:47:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.165.201.80

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.165.201.80:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 01 Oct 2022 08:33:21 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 01 Oct 2022 09:12:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f5db034a9eef3b097715a6b5d2c824a8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: SLL9aGcjW5UPPQzLXac0adUDJDeAgWxcaF2tXeBGDiiJikSKyCgbtg==
Age: 886

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d1be374a29f94481ff2c021e35f4eaa0
e05e92d94b5e434e9935e560fd8dc33bdc393aea
37a5132d2183f5c3bfaac5c89df691fea72cac4423110df88bdeb231f430deee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5567
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 08:47:39 GMT
Last-Modified: Sat, 01 Oct 2022 07:14:52 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

www.usps.com/assets/images/home/find_zip.svg

192.229.221.165

200 OK

793 B

URL HTTP/2
www.usps.com/assets/images/home/find_zip.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
793 B (793 bytes)
Hash
4b74917936300819402d564909e39a34
82c09f9b1fa78724d4843b28f12c52e8bb218f2a
d7178ea719cbe6f11c5da374dc26908b1ad0d05d34a33cd6e6d701f5e05c209b

HTTP Headers

GET /assets/images/home/find_zip.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26838
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "5bf-5494e7ed94c00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:08 GMT
server: ECAcc (dcb/7ECC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 793
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/utility_languages.png

192.229.221.165

200 OK

1.5 kB

URL HTTP/2
www.usps.com/assets/images/home/utility_languages.png
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1456 bytes)
Hash
410956805d5701e87299cff412827e1a
5de9a390649dfc12e3d6df431140d499ad8abd67
6e727dbf5b0f4a3ec76762e445ad2c5cb750f7de41afb8b0342f903124d09826

HTTP Headers

GET /assets/images/home/utility_languages.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 27273
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "5b0-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7E8E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1456
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/schedule_pickup.svg

192.229.221.165

200 OK

923 B

URL HTTP/2
www.usps.com/assets/images/home/schedule_pickup.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
923 B (923 bytes)
Hash
9f9e044f92360c82183e3a31b774e7b2
273798ee8d4dead89367b835cdb7f65f51e81b47
e4b7ae480aae11558a890826cde2cc6fa10039a787052dfc72cdad3e7a772373

HTTP Headers

GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27403
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "6ef-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/732F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 923
X-Firefox-Spdy: h2

www.usps.com/global-elements/header/images/utility-header/search.svg

192.229.221.165

200 OK

795 B

URL HTTP/2
www.usps.com/global-elements/header/images/utility-header/search.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
78562ea313af96eca6581054fdbbc76c
b0f3fd320af131b3787b39c864ecac52de12a75e
7932a41ccc861366f60896fe808612a1361c85d654aef21c5d54f7673141c0a9

HTTP Headers

GET /global-elements/header/images/utility-header/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26827
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "5b9-549b126599f40+gzip"
last-modified: Wed, 01 Mar 2017 20:28:05 GMT
server: ECAcc (dcb/7ECE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/tracking.svg

192.229.221.165

200 OK

844 B

URL HTTP/2
www.usps.com/assets/images/home/tracking.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
844 B (844 bytes)
Hash
04034bbe69ef912819cee070ff866703
2c96d71004568c2b460a7f8b796ae45ad89999ec
959755a6f38fb278acd6abb223db552ecf757c291f437149663009aafb83a181

HTTP Headers

GET /assets/images/home/tracking.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 43716
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "619-5494e7f71e280+gzip"
last-modified: Fri, 24 Feb 2017 22:46:18 GMT
server: ECAcc (dcb/7E95)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 844
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/holdmail.svg

192.229.221.165

200 OK

768 B

URL HTTP/2
www.usps.com/assets/images/home/holdmail.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
768 B (768 bytes)
Hash
2f40bbb9da0d97f2ba3f3efcfd7533af
34c76f88cdda4be234b58a76e466bc7a972f14ea
f1d176e77951f74582e7e311d99f98f7ce582bdb30051987f257eb3393ee2069

HTTP Headers

GET /assets/images/home/holdmail.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27500
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "5a8-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7EFC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 768
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/po_box.svg

192.229.221.165

200 OK

848 B

URL HTTP/2
www.usps.com/assets/images/home/po_box.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
848 B (848 bytes)
Hash
a1feed192f3aca7fd02c00b6ee45bb07
fce52b953f90a873186cd2c3ddb26dcca41884be
88dcd2a8a6b055bf63763c0a86338f33b09a257c89e26a5ae6a364becf1ac122

HTTP Headers

GET /assets/images/home/po_box.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27447
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "667-5494e7f259740+gzip"
last-modified: Fri, 24 Feb 2017 22:46:13 GMT
server: ECAcc (dcb/7FD5)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 848
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/collectors.svg

192.229.221.165

200 OK

561 B

URL HTTP/2
www.usps.com/test/nav/images/collectors.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
561 B (561 bytes)
Hash
8439e88bd2e43656b157f9c184635032
ddcb40776177a5eac36973e53f2f8bab73e65ea3
5ea3f924c3453a9b8a3f79251377f385f83c8cf9618129427795adf186b9338e

HTTP Headers

GET /test/nav/images/collectors.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27417
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "461-560f10f803ac0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:27 GMT
server: ECAcc (dcb/7FEB)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 561
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/change_address.svg

192.229.221.165

200 OK

935 B

URL HTTP/2
www.usps.com/assets/images/home/change_address.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
935 B (935 bytes)
Hash
6c6d11d6d4ad880538ac8b3c9b244e35
d2f5a684574f89a8bdac4ac35508dc29c61e9771
7d2bde4b550c48e86e4d1c6a106d195b5a259f74e2ceeab0772712d356ae7eb9

HTTP Headers

GET /assets/images/home/change_address.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27498
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "74d-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/733A)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 935
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/gifts.svg

192.229.221.165

200 OK

590 B

URL HTTP/2
www.usps.com/test/nav/images/gifts.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
590 B (590 bytes)
Hash
e97f9908f9eef2a76ea4f48e00196980
f32d5a4b791567c690ea7095d93bec78e422db40
ad60c73a39b0fcd4b311654aab6f3954edb03f37034ad5567cf9f69d63d905f4

HTTP Headers

GET /test/nav/images/gifts.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27107
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "3ee-560f10e9b5900+gzip"
last-modified: Fri, 22 Dec 2017 17:22:12 GMT
server: ECAcc (dcb/7378)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 590
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/search.svg

192.229.221.165

200 OK

795 B

URL HTTP/2
www.usps.com/assets/images/home/search.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
795 B (795 bytes)
Hash
ccfe748c6040d78e356b03d1a731585e
3e15bb471b3c3d0a5cebc3ccd137b5daf9273b7e
9a1b75fecaa2e0de127c36ddbb63c1bc2c44b3f81eed395734dee1ce837162fe

HTTP Headers

GET /assets/images/home/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 26839
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "5b9-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7F4B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/cards-and-envelopes.svg

192.229.221.165

200 OK

1.1 kB

URL HTTP/2
www.usps.com/test/nav/images/cards-and-envelopes.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1056 bytes)
Hash
5d63c3636efb2bbcb327ed13b714367b
c7e326811c101213173c2a585d1e9700731816ed
c63dd4b3239df8b0709202228ad62b9e06ec96c346d8f86f9e33a554973b795f

HTTP Headers

GET /test/nav/images/cards-and-envelopes.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 75713
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "8a9-560f10e8c16c0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:11 GMT
server: ECAcc (dcb/7F6F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1056
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/location.svg

192.229.221.165

200 OK

1.2 kB

URL HTTP/2
www.usps.com/assets/images/home/location.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1209 bytes)
Hash
9d8433f178d5a7b839a8bf25552c62b0
c21cec68e524862992f4aa51bf6955b953a65112
d01cb5a23f9b7f4a0a3db27cfd3d90e3813e75ed498fdbabe4df3a859390bd4f

HTTP Headers

GET /assets/images/home/location.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27026
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "a1a-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7F25)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1209
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/utility_customer_service.png

192.229.221.165

200 OK

1.3 kB

URL HTTP/2
www.usps.com/assets/images/home/utility_customer_service.png
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1307 bytes)
Hash
3500d365cd94527c71fe9c70d5cda435
0c7bede628d74cefaf5fce1b675c0ce3c72c78c9
34b28a24c5414dab68a15be6613536d905faf33fbf1aed8ee4702caa60be9bca

HTTP Headers

GET /assets/images/home/utility_customer_service.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 26942
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "51b-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7EB6)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1307
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/calculate_price.svg

192.229.221.165

200 OK

772 B

URL HTTP/2
www.usps.com/assets/images/home/calculate_price.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
772 B (772 bytes)
Hash
42af7d5484bf8f80ac930313caa5941f
c3dbaf338d7fa81845487333c0cba5b8341bd140
f8f9b52e8d7b815deba988cfcdc6596e9e7b6671075907290c8e96679b18fb2c

HTTP Headers

GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27468
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/7304)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2

www.usps.com/test/nav/images/business.svg

192.229.221.165

200 OK

689 B

URL HTTP/2
www.usps.com/test/nav/images/business.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
689 B (689 bytes)
Hash
3b81ef43fc5b08bab4155c5fed116dc9
a5a804fb2f8f51b3e588d4edb01752eba0380f8d
a513b0f2fb200e9cf7b30ccfbde98f79e87a027c256d99f3159ad22dcb5cc4cb

HTTP Headers

GET /test/nav/images/business.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27444
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "4d2-560f10e7cd480+gzip"
last-modified: Fri, 22 Dec 2017 17:22:10 GMT
server: ECAcc (dcb/7FBE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 689
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/stamps.svg

192.229.221.165

200 OK

551 B

URL HTTP/2
www.usps.com/assets/images/home/stamps.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
551 B (551 bytes)
Hash
780aa534eb1541ac0834489beafdeea2
2593cddb6c1b7505016d3c1138e16ff556e42166
c2a1858fe0517c4c928dad150f22710f1771c1b43b92b79ceb0b20e44db61ee8

HTTP Headers

GET /assets/images/home/stamps.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1234
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "44f-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7EC4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 551
X-Firefox-Spdy: h2

www.usps.com/assets/images/home/featured_clicknship.svg

192.229.221.165

200 OK

493 B

URL HTTP/2
www.usps.com/assets/images/home/featured_clicknship.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Size
493 B (493 bytes)
Hash
efb53558ef3932a80523af92bdda2085
1a97f57d64bc76f296423e1ddbdba9bc71b6d754
f0a25ce9d4e04e6b12bfc528584d599d5e472238849b0e1c66ff5357058d38fe

HTTP Headers

GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27552
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dcb/7F6B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2

tools.usps.com/global-elements/header/images/utility-header/mailman.svg

192.229.221.165

200 OK

904 B

URL HTTP/2
tools.usps.com/global-elements/header/images/utility-header/mailman.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
904 B (904 bytes)
Hash
e4bb1afb6143cb1307585f007399e0e4
7d28cd35cbdb8427d4a12274c3f455e57f4742e0
06410c31087cff92e7842a2e6aaef3b5b114192f77e2b652283250fdca6d5e30

HTTP Headers

GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
age: 62605
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "723-55885af730a40+gzip"
last-modified: Wed, 06 Sep 2017 13:54:41 GMT
server: ECAcc (dcb/7311)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 904
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.43.253.52

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.253.52:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7IUYIPctxozKs8EoqXzkeA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: p6Ii0kwallWKhKpXOsA/2sAtG7w=

www.usps.com/test/nav/images/shipping-supplies.svg

192.229.221.165

200 OK

1.3 kB

URL HTTP/2
www.usps.com/test/nav/images/shipping-supplies.svg
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.3 kB (1282 bytes)
Hash
7a8b39b328ba3e776e643f66844896e8
7a400d0f33c592651da919c728a30e46207a9449
05140d52bba76b4464360b852c3b78227cc2865c4512bf0010ee666f0c985f99

HTTP Headers

GET /test/nav/images/shipping-supplies.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 27031
cneonction: close
content-security-policy: default-src 'self' https:;                                              connect-src 'self' https:;                                              font-src 'self' https: data:;                                              frame-src 'self' https:;                                              img-src 'self' https: data:; media-src 'self' https:;                                              object-src 'self' https:;                                              script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                              style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Sat, 01 Oct 2022 08:47:39 GMT
etag: "9f8-560f10eaa9b40+gzip"
last-modified: Fri, 22 Dec 2017 17:22:13 GMT
server: ECAcc (dcb/731F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1282
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F7BB)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F779)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F7B7)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F6BE)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F7A8)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf

192.229.221.165

403 Forbidden

345 B

URL HTTP/2
www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP
192.229.221.165:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794

HTTP Headers

GET /assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rediregetps.com
Connection: keep-alive
Referer: https://rediregetps.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html
date: Sat, 01 Oct 2022 08:47:40 GMT
server: ECAcc (ska/F6EC)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4596
Expires: Sat, 01 Oct 2022 10:04:16 GMT
Date: Sat, 01 Oct 2022 08:47:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4596
Expires: Sat, 01 Oct 2022 10:04:16 GMT
Date: Sat, 01 Oct 2022 08:47:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4596
Expires: Sat, 01 Oct 2022 10:04:16 GMT
Date: Sat, 01 Oct 2022 08:47:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4596
Expires: Sat, 01 Oct 2022 10:04:16 GMT
Date: Sat, 01 Oct 2022 08:47:40 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6959 bytes)
Hash
21e55a6ca7350ed834993a486e138de1
c09ee0f2be578f0067b2ed0237d565a04438147e
124ca8ae6e3f7c7bb28f0d47fa693753884261ed61896eccf7bc13f249fc8960

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6959
x-amzn-requestid: eaf91f33-2fe3-4ed5-b89c-6199c2f17651
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCF6toAMFSDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-3b8c7f290ffda97b2d179433;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qAOX_0r1sA_Bzn-UjQXmLObAYDyjiTU45aNSOPFt8ucUOyKfrw5ieg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:59 GMT
age: 39281
etag: "c09ee0f2be578f0067b2ed0237d565a04438147e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8299 bytes)
Hash
0d31a422078d02bda318c693c05a58dc
2df7db53629c7adda2c0a4dfe9c17791b73a75e1
a07fe4e135b52da6dfa9d8a55684f0a3bf5f5ce52c4064c8ab37836a939902a9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8299
x-amzn-requestid: 91eed6b6-632f-472b-93d7-4192425fcdfd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF0SoAMFWgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-17bb04894cc786555d693ec3;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pt23XcORl063B99HGVhjQwBrS36T7GBIAQO7StLrEH8PKIc4edxQwQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:55 GMT
age: 39285
etag: "2df7db53629c7adda2c0a4dfe9c17791b73a75e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10201 bytes)
Hash
4be456dbe857580c7b4c7fca3936e04e
49798c4a15545a49f3870b2a16af78dbf8e168cc
23e42987d5e9939424d5f4e4fe0c38faf20a221732097927dd4a656199d9d315

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10201
x-amzn-requestid: 62562627-78a8-4c17-bf6c-b2c986b9ee8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCFH3IAMFoFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-69637d745165485171ca73b9;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9wh9cCXRRlyQy8kXzSCNzMQSmac9iwgkRBrgyTtaMr6m2vXPRxVogg==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:55:26 GMT
etag: "49798c4a15545a49f3870b2a16af78dbf8e168cc"
content-type: image/jpeg
age: 39134
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F3fk5JnJ9ZFNPan-8DuLb4kuTiYKfniBar3qNlsuqd8a0saW3sEGvQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 04:41:31 GMT
age: 14769
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc003298b-5703-480c-8a4c-fffa9abe5028.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8091 bytes)
Hash
9466667cfaaedbb374259e8fb8dd63e3
0cd9a66508c343b43b095ac7f550919ec35097d3
bb70996bea518ba4ddc2c269e9a7c9bea3a9c91fed124a29570828b89250764c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc003298b-5703-480c-8a4c-fffa9abe5028.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8091
x-amzn-requestid: 78ccaa77-230e-4aa1-a409-7b2a444df9ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF_OIAMFpdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-0384396f2ed848bc1c17e1b7;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G75a-PITD4Wmlxxk_rrpRWNytSGNZlrL_JeoR4A_w6vshDkmRlouPw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:58 GMT
age: 39282
etag: "0cd9a66508c343b43b095ac7f550919ec35097d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46fd1600-2a91-4b2c-8b8b-5f8bdd64364a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.9 kB (3885 bytes)
Hash
0de8b7bbf1fbb1da9d346d6995a7b7a4
0ff6e67904c9e00a4e3dda9e5ef2007ec7426018
9c1e15fd02fb1129821410b33b60b3fede2338f7971bfd93b1547d12255d840b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46fd1600-2a91-4b2c-8b8b-5f8bdd64364a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3885
x-amzn-requestid: 6e42fb31-7c36-4551-b124-b4a31807a223
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlUaFjXIAMFbrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f4f-54e426f20cdec55272e3b9ec;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QEzjyCz02zrS4ZKJfaSPDI95gZJCMS8LrusxCQtsx1PjSkEYQwG0Ww==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 23:55:27 GMT
age: 31933
etag: "0ff6e67904c9e00a4e3dda9e5ef2007ec7426018"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (99)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/2

IP

ASN

File type