Report - postalserviceplacements.com

Report Overview

Submitted URL
postalserviceplacements.com
IP
173.208.242.171
ASN
#32097 WII
Submitted
2024-05-02 16:50:02
Access
public
Website Title
Postal Service Placements - Postal Exam
Final URL
postalserviceplacements.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-02	442 B	31 kB	142.250.74.74
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-01	436 B	84 kB	142.250.74.168
www.postalserviceplacements.com	unknown	unknown	No data	No data	1.9 kB	620 kB	173.208.242.171
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-02	2.7 kB	119 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-02	544 B	12 kB	142.250.74.106
site-assets.fontawesome.com	299062	2012-10-18	2022-02-10	2024-04-18	1.0 kB	888 kB	172.64.147.188
postalserviceplacements.com	unknown	unknown	No data	No data	3.7 kB	594 kB	173.208.242.171
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-01	910 B	49 kB	151.101.1.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-02	medium	postalserviceplacements.com	Sinkholed
2024-05-02	medium	postalserviceplacements.com	Sinkholed
2024-05-02	medium	postalserviceplacements.com	Sinkholed
2024-05-02	medium	postalserviceplacements.com	Sinkholed
2024-05-02	medium	postalserviceplacements.com	Sinkholed
2024-05-02	medium	postalserviceplacements.com	Sinkholed
2024-05-02	medium	postalserviceplacements.com	Sinkholed
2024-05-02	medium	postalserviceplacements.com	Sinkholed
2024-05-02	medium	postalserviceplacements.com	Sinkholed
2024-05-02	medium	postalserviceplacements.com	Sinkholed
2024-05-02	medium	postalserviceplacements.com	Sinkholed
2024-05-02	medium	postalserviceplacements.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=AW-16501576636	236 kB	2024-05-02	2024-05-02
Pretty URL www.googletagmanager.com/gtag/js?id=AW-16501576636 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 18:50:09 Last Seen2024-05-02 18:50:09 Times Seen2 Hash 4a90943d38c1c9a78dc022ca19133314 41770721ba4c13efdd738f66bb130be5d84a1f42 3b5319941b1e9631558e560bba9bf56d6096b3279e7c3001d622c540c927a1c9 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-05-17
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-17 09:29:39 Times Seen113592 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js	60 kB	2023-03-09	2024-05-16
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:23:05 Last Seen2024-05-16 16:55:21 Times Seen683 Hash b0794583ec020a7852f0fc04d5cefc52 847dff899b5bcf8ee434e389e2a910ba1dbad76f 9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0 Loading...

	postalserviceplacements.com/js/main.js?1714668576	1.0 kB	2024-05-02	2024-05-02
Pretty URL postalserviceplacements.com/js/main.js?1714668576 IP 173.208.242.171 ASN #32097 WII Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 18:50:09 Last Seen2024-05-02 18:50:09 Times Seen2 Hash fb188737efb0e9af5d7b4e6f1500e18f 1b0c5ea6c48161a52d264c962b11214b94080023 113b9026823d1f996c6b7ccd673c148ba067f828021592f90da69de1f9d558bd Loading...

	postalserviceplacements.com/	155 B	2024-05-02	2024-05-02
Pretty URL postalserviceplacements.com/ IP 173.208.242.171 ASN #32097 WII Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 18:50:09 Last Seen2024-05-02 18:50:09 Times Seen1 Hash 08aceb7aab337438d9c500179bf6bf4c a16e7aeaf45ef4f2321fd0fccf52a2de8130b651 c029656c547688d9692a08a27adf46bdb14d860fc6b1523238c7524957339ddb Loading...

HTTP Transactions (24)

URL IP Response Size

postalserviceplacements.com/

173.208.242.171

200 OK

14 kB

URL User Request GET HTTP/1.1
postalserviceplacements.com/
IP
173.208.242.171:443
ASN
#32097 WII

Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (942)
Size
14 kB (13886 bytes)
Hash
cd8ecf3bf42dece5fd223366ed48f10f
4d95a7da5e8ca967f3a1cf2dc8ff284bfdaf9f9a
1a7149f732b58c139b514f63fbf85bf5f4de8f1f580c2ddc911e60b5bfb5b9f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 16:49:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

151.101.1.229

200 OK

30 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://postalserviceplacements.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65305)
Size
30 kB (30336 bytes)
Hash
3f30c2c47d7d23c7a994db0c862d45a5
7791dd1f3173a0d62cc39c21d2ad71fc8dad0e72
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

HTTP Headers

GET /npm/bootstrap@5.2.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.3
x-jsd-version-type: version
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
content-encoding: br
accept-ranges: bytes
date: Thu, 02 May 2024 16:49:36 GMT
age: 16420250
x-served-by: cache-fra-eddf8230122-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js

151.101.1.229

200 OK

17 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://postalserviceplacements.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (60125)
Size
17 kB (17319 bytes)
Hash
b0794583ec020a7852f0fc04d5cefc52
847dff899b5bcf8ee434e389e2a910ba1dbad76f
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0

HTTP Headers

GET /npm/bootstrap@5.2.3/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.3
x-jsd-version-type: version
etag: W/"ebf4-hH3/iZtbz47kNOOJ4qkQuh26128"
content-encoding: br
accept-ranges: bytes
date: Thu, 02 May 2024 16:49:36 GMT
age: 26209445
x-served-by: cache-fra-eddf8230085-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17319
X-Firefox-Spdy: h2

postalserviceplacements.com/js/main.js?1714668576

173.208.242.171

200 OK

1.0 kB

URL GET HTTP/1.1
postalserviceplacements.com/js/main.js?1714668576
IP
173.208.242.171:443
ASN
#32097 WII

Requested by
https://postalserviceplacements.com/
Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
JavaScript source, ASCII text
Size
1.0 kB (1037 bytes)
Hash
fb188737efb0e9af5d7b4e6f1500e18f
1b0c5ea6c48161a52d264c962b11214b94080023
113b9026823d1f996c6b7ccd673c148ba067f828021592f90da69de1f9d558bd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/main.js?1714668576 HTTP/1.1
Host: postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 16:49:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 16 Apr 2024 15:55:11 GMT
Accept-Ranges: bytes
Content-Length: 1037
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.74

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://postalserviceplacements.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:06 GMT
expires: Fri, 02 May 2025 01:53:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 53790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-16501576636

142.250.74.168

200 OK

84 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=AW-16501576636
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://postalserviceplacements.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
84 kB (83757 bytes)
Hash
4a90943d38c1c9a78dc022ca19133314
41770721ba4c13efdd738f66bb130be5d84a1f42
3b5319941b1e9631558e560bba9bf56d6096b3279e7c3001d622c540c927a1c9

HTTP Headers

GET /gtag/js?id=AW-16501576636 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 May 2024 16:49:36 GMT
expires: Thu, 02 May 2024 16:49:36 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83757
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.postalserviceplacements.com/css/responsive.css?1714668576

173.208.242.171

200 OK

9.3 kB

URL GET HTTP/1.1
www.postalserviceplacements.com/css/responsive.css?1714668576
IP
173.208.242.171:443
ASN
#32097 WII

Requested by
https://postalserviceplacements.com/
Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
assembler source, ASCII text
Size
9.3 kB (9346 bytes)
Hash
d152ea66425e42c55d0001b175af50d2
a51e40de4b1fa8da942fdfe448b801b776a909fa
9720e3e8ac7244e63b4bed5d0fe2045373982f0f7fbe905c43429b002cd7f5b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/responsive.css?1714668576 HTTP/1.1
Host: www.postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 16:49:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 16 Apr 2024 15:55:11 GMT
Accept-Ranges: bytes
Content-Length: 9346
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.postalserviceplacements.com/css/style.css?1714668576

173.208.242.171

200 OK

30 kB

URL GET HTTP/1.1
www.postalserviceplacements.com/css/style.css?1714668576
IP
173.208.242.171:443
ASN
#32097 WII

Requested by
https://postalserviceplacements.com/
Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
assembler source, ASCII text, with very long lines (351)
Size
30 kB (29886 bytes)
Hash
4c71d174daee22bcb981192ef3a897b8
4506602e14d9859ff7e59502b8c39b42ca597085
57be41f5be58fb1836dfec751222729777975fe65f0808ac9db53e2eea4a89c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/style.css?1714668576 HTTP/1.1
Host: www.postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 16:49:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 19 Apr 2024 13:20:50 GMT
Accept-Ranges: bytes
Content-Length: 29886
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.postalserviceplacements.com/img/psp_logo.png

173.208.242.171

200 OK

4.5 kB

URL GET HTTP/1.1
www.postalserviceplacements.com/img/psp_logo.png
IP
173.208.242.171:443
ASN
#32097 WII

Requested by
https://postalserviceplacements.com/
Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
PNG image data, 358 x 45, 8-bit/color RGBA, non-interlaced
Size
4.5 kB (4461 bytes)
Hash
5f4c723d56db028f45a25f79acb6d2f3
c0645d4b18efe1ddeb55e4aee291f44df58e2541
777de23ea1d3e50ed50c1e5002377f281f38e98c297d7c77a9396875125c2008

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/psp_logo.png HTTP/1.1
Host: www.postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 16:49:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 16 Apr 2024 15:55:11 GMT
Accept-Ranges: bytes
Content-Length: 4461
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://postalserviceplacements.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://postalserviceplacements.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:10 GMT
expires: Fri, 02 May 2025 02:01:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 53307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://postalserviceplacements.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://postalserviceplacements.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:03:54 GMT
expires: Fri, 02 May 2025 02:03:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 53143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://postalserviceplacements.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://postalserviceplacements.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:32:46 GMT
expires: Fri, 02 May 2025 02:32:46 GMT
cache-control: public, max-age=31536000
age: 51411
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

216.58.207.227

200 OK

51 kB

URL GET HTTP/2
fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://postalserviceplacements.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 51404, version 1.0
Size
51 kB (51404 bytes)
Hash
b904fcdf1c4c6059fadd6893a7bc7619
f41d1674f02616f03ef77d4e84b3ad8ba28a36fc
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

HTTP Headers

GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://postalserviceplacements.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:26:22 GMT
expires: Fri, 02 May 2025 02:26:22 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
age: 51795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

postalserviceplacements.com/img/Vector-1.svg

173.208.242.171

200 OK

14 kB

URL GET HTTP/1.1
postalserviceplacements.com/img/Vector-1.svg
IP
173.208.242.171:443
ASN
#32097 WII

Requested by
https://postalserviceplacements.com/
Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
SVG Scalable Vector Graphics image
Size
14 kB (13977 bytes)
Hash
e3797942cd9a21e04adfba8aadf892b2
30e44f3ea8af181095d2f4da274b3bd194734e9d
c53b584453d96b7ec8c65df9a8da68389bcac257bd5e93c17ae38e26a0c499f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/Vector-1.svg HTTP/1.1
Host: postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 16:49:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 16 Apr 2024 15:55:11 GMT
Accept-Ranges: bytes
Content-Length: 13977
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://postalserviceplacements.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://postalserviceplacements.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 53677
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

postalserviceplacements.com/img/Vector-2.svg

173.208.242.171

200 OK

4.9 kB

URL GET HTTP/1.1
postalserviceplacements.com/img/Vector-2.svg
IP
173.208.242.171:443
ASN
#32097 WII

Requested by
https://postalserviceplacements.com/
Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
SVG Scalable Vector Graphics image
Size
4.9 kB (4887 bytes)
Hash
c0bf9318e2b9373b16278141301f4ea4
8b9128dff167b5788159d72b2f3b5ef55723ad47
2fb3670e2bcfee510e7f77de9e4e4f465e1c5ad0cece478d2b7993258d104d39

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/Vector-2.svg HTTP/1.1
Host: postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 16:49:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 16 Apr 2024 15:55:11 GMT
Accept-Ranges: bytes
Content-Length: 4887
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml

postalserviceplacements.com/img/Vector-3.svg

173.208.242.171

200 OK

6.4 kB

URL GET HTTP/1.1
postalserviceplacements.com/img/Vector-3.svg
IP
173.208.242.171:443
ASN
#32097 WII

Requested by
https://postalserviceplacements.com/
Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
SVG Scalable Vector Graphics image
Size
6.4 kB (6354 bytes)
Hash
2d84a6f871bff7f51beb561f1230ffca
ea9822069773961c2dc6523e4ee16d2dbe526246
d6ea60dbc21b9bc07056a5af3e09105b5888fa030026918f9648c6ed0662ecfc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/Vector-3.svg HTTP/1.1
Host: postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 16:49:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 16 Apr 2024 15:55:11 GMT
Accept-Ranges: bytes
Content-Length: 6354
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml

www.postalserviceplacements.com/img/hero-img.png

173.208.242.171

200 OK

575 kB

URL GET HTTP/1.1
www.postalserviceplacements.com/img/hero-img.png
IP
173.208.242.171:443
ASN
#32097 WII

Requested by
https://postalserviceplacements.com/
Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
PNG image data, 1077 x 650, 8-bit/color RGBA, non-interlaced
Size
575 kB (574951 bytes)
Hash
a771096b9456909192ee92bc7695bed1
e784d3a936f479ed8888cc6e9c9e722d969d2a29
8884438757cdfffb121d1f9834be33945fcee04475af40208d22f1df3bf61562

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/hero-img.png HTTP/1.1
Host: www.postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.postalserviceplacements.com/css/style.css?1714668576
Cookie: _gcl_au=1.1.943835398.1714668577
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 16:49:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 16 Apr 2024 15:55:11 GMT
Accept-Ranges: bytes
Content-Length: 574951
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://postalserviceplacements.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
12 kB (11824 bytes)
Hash
1260934e4609f7a165335eac4f8da3a5
e7e42e1ceabe432a228e61d039c4f241212477d6
34836edd0642186cb467471c3a9135c4947b7d170507dba0b451f80ee7767765

HTTP Headers

GET /css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 May 2024 16:49:36 GMT
date: Thu, 02 May 2024 16:49:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

postalserviceplacements.com/img/career-opportunities.jpg

173.208.242.171

200 OK

172 kB

URL GET HTTP/1.1
postalserviceplacements.com/img/career-opportunities.jpg
IP
173.208.242.171:443
ASN
#32097 WII

Requested by
https://postalserviceplacements.com/
Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=428, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=760], progressive, precision 8, 760x428, components 3
Size
172 kB (171981 bytes)
Hash
58ae258f5272e4ed0f0f7610425698e1
09b2314f28489e290d54629bd9bdd4177394442b
af95834d1bf1ead2c5f38020301de5b226c20e97f09f73349f6585220f7fd3bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/career-opportunities.jpg HTTP/1.1
Host: postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 16:49:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 16 Apr 2024 15:55:11 GMT
Accept-Ranges: bytes
Content-Length: 171981
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-regular-400.woff2

172.64.147.188

200 OK

389 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-regular-400.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://postalserviceplacements.com/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 388900, version 769.768
Size
389 kB (388900 bytes)
Hash
a927362a975051e5d7361d860d8ffba7
6b97f2ea63d6e7e04006d0366b87697fb4a594d0
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e

HTTP Headers

GET /releases/v6.1.1/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://postalserviceplacements.com
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 16:49:37 GMT
content-type: font/woff2
content-length: 388900
x-amz-id-2: ngMdRC2Z0UP5mVII+aGNzZnLo0COwLdBkU4pWjROdKcFL11RRpMqWmlBk8RcCxWGjxHiFAtCZ7M/m+r8un4UI+kqP12mcgcVNvnxWX7XdNQ=
x-amz-request-id: 1GH559776HT63G8D
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Mar 2022 15:42:55 GMT
etag: "a927362a975051e5d7361d860d8ffba7"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 87d98170a92f7129-OSL
X-Firefox-Spdy: h2

postalserviceplacements.com/img/working-usps.jpg

173.208.242.171

200 OK

379 kB

URL GET HTTP/1.1
postalserviceplacements.com/img/working-usps.jpg
IP
173.208.242.171:443
ASN
#32097 WII

Requested by
https://postalserviceplacements.com/
Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=500, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=900], progressive, precision 8, 900x500, components 3
Size
379 kB (378980 bytes)
Hash
3c504a015f6f8814dc6aea152fda944f
a3d148f1439bee0cba36561746ffa3ee1e2deaaf
79f78277a632c7225425ef973ce107a445e2ceeee94d5019c275ffeac00097a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/working-usps.jpg HTTP/1.1
Host: postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 16:49:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 16 Apr 2024 15:55:11 GMT
Accept-Ranges: bytes
Content-Length: 378980
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

postalserviceplacements.com/favicon.ico

173.208.242.171

404 Not Found

315 B

URL GET HTTP/1.1
postalserviceplacements.com/favicon.ico
IP
173.208.242.171:443
ASN
#32097 WII

Requested by
https://postalserviceplacements.com/
Certificate
IssuerLet's Encrypt
Subject*.postalserviceplacements.com
FingerprintB2:0A:8A:3A:0C:AC:EF:A7:96:3E:21:40:8E:05:66:E0:26:02:41:4A
ValiditySat, 27 Apr 2024 19:38:19 GMT - Fri, 26 Jul 2024 19:38:18 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: postalserviceplacements.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Cookie: _gcl_au=1.1.943835398.1714668577
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Thu, 02 May 2024 16:49:38 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

site-assets.fontawesome.com/releases/v6.1.1/css/all.css

172.64.147.188

200 OK

498 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.1.1/css/all.css
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://postalserviceplacements.com/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65360)
Size
498 kB (498160 bytes)
Hash
325672b036bab9b57f6873aed5eccc43
264f5db348311950380ad1bca79754ff593d87e2
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

HTTP Headers

GET /releases/v6.1.1/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postalserviceplacements.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 16:49:36 GMT
content-type: text/css
x-amz-id-2: Y1TmNuBPJ2aktX68kJThHqHYS+UBzLzvigLuxqSKGropAjQHJXqctJ8cMj8EZaj3hWZqBw7vjseo/ptPWK0rIs/nC5bnGezhyLprTTXGcJA=
x-amz-request-id: 9ZNBHYHZ9G1WY9FS
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
etag: W/"325672b036bab9b57f6873aed5eccc43"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 170506
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d9816b5b177130-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (24)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers