r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 82788b8b26eeba7f492106ea47729bbb
SHA-1 823b2d3c336d11064a6b809057bed46bb65a7969
SHA-256 7671d088ba1420ffa01dbd63c5f7ab28d52d3591bc04c4cc182d1f9e64a7f2f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7671D088BA1420FFA01DBD63C5F7AB28D52D3591BC04C4CC182D1F9E64A7F2F8"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7300
Expires: Sat, 29 Oct 2022 13:09:42 GMT
Date: Sat, 29 Oct 2022 11:08:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 856ee3167a1a6efa13187b6d726d61e4
SHA-1 30d121bebc8f164b38d929e94193ca0caa9ce708
SHA-256 c79ab5ce8d207664a2e0b63762e68f1a906d68c31c59139965201c870619063a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4267
Cache-Control: max-age=171247
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:02 GMT
Etag: "635cf2d6-1d7"
Expires: Mon, 31 Oct 2022 10:42:09 GMT
Last-Modified: Sat, 29 Oct 2022 09:31:02 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 922281894182eba1fc67c2d8678e3238
SHA-1 e169209341b09bf4f14ebb3fc7c07b03f2121bf1
SHA-256 37516083f7655af68d7e426efca6f9f3709a80318ac7bb8cc492c183916141b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5379
Cache-Control: max-age=85964
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:02 GMT
Etag: "635ba15b-1d7"
Expires: Sun, 30 Oct 2022 11:00:46 GMT
Last-Modified: Fri, 28 Oct 2022 09:31:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 22eebb819dc140cc288474d9891526b4
SHA-1 45c18772664e9e3efb6a44d7da93699c81f71827
SHA-256 ce6a96e470dbfb48ff42fdaf5eaa464a87dc60b495e3e2767086ec0b6564fdd7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE6A96E470DBFB48FF42FDAF5EAA464A87DC60B495E3E2767086EC0B6564FDD7"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4427
Expires: Sat, 29 Oct 2022 12:21:50 GMT
Date: Sat, 29 Oct 2022 11:08:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash MD5 67d5a988edcda47bc3b3b3f65d32b4b6
SHA-1 d4f0e0da8b3690cc7da925026d3414b68c7d954f
SHA-256 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 77yGAJnvsmX84WWJhZxNoegSGOPCFgE2TradD41HNs0GSQ2o9H1IEZTiIyEf9u4lOmcKsZCTsb8=
x-amz-request-id: J7ZH48HRFWAXSGKZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 29 Oct 2022 10:44:01 GMT
age: 1442
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 29 Oct 2022 11:08:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
146.190.217.48 302 Found 0 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
IP 146.190.217.48:0
Hash (the body is 0 B, so these are the digests of empty input and do not identify this response)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery DynDNS domain detected
GET / HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 29 Oct 2022 11:08:02 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813; path=/
Location: USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 d23430a3322d9d62a11844dcb41e6b36
SHA-1 b3798f6bdf72e31d2bd38ee609bb8f5701a337b1
SHA-256 2e310b291a80f54bac4ddca876398ec04a17517464b17f8f290ee0a3d3f28156
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4277
Cache-Control: max-age=166198
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:03 GMT
Etag: "635cdf14-1d7"
Expires: Mon, 31 Oct 2022 09:18:01 GMT
Last-Modified: Sat, 29 Oct 2022 08:06:44 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/usps-fonts.css
146.190.217.48 200 OK 3.3 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/usps-fonts.css
IP 146.190.217.48:0
File type CSV text, ASCII text, with very long lines (548)
Hash MD5 ff5f1d5d8680597b16dec4776536ab4b
SHA-1 f008371165d6a1c6a792347ecee106d8ba81a6f2
SHA-256 105e974d53f06bd2dab2baaa2e8da20812ec7d132fd0e86bb27e16b8238cf457
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/usps-fonts.css HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:03 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 3271
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
52.88.220.109 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash (the body is 0 B, so these are the digests of empty input and do not identify this response)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qnfK4h8J8li94nq2xiVjDg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wM+TrOaKUdlQo00tny6Sg/ColNQ=
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/bootstrap-sticky-footer.css
146.190.217.48 200 OK 137 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/bootstrap-sticky-footer.css
IP 146.190.217.48:0
File type ASCII text, with no line terminators
Hash MD5 46ca0541d17fb74860b13bddfb40dd53
SHA-1 e5f10c720b7556798ace107f6ca704241676460c
SHA-256 bb0e5cffa99e8c888c9acd59e3f6e929ff885f7e255b1af639f5d49dc61e2b32
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bootstrap-sticky-footer.css HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:03 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 137
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/21006064_002.js
146.190.217.48 200 OK 1.1 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/21006064_002.js
IP 146.190.217.48:0
File type ASCII text, with CRLF line terminators
Hash MD5 d51d57187870a8a1de69e179d0feaa4a
SHA-1 0edc7cb602df552ed99354611d8035df845dbdd1
SHA-256 ab6e33124ca88c96695d13345c050b5edd134f6307564896098ded6c6515a1a5
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/21006064_002.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:03 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1141
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/21006064.js
146.190.217.48 200 OK 1.7 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/21006064.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1735), with no line terminators
Hash MD5 9bf57e26660b2aa5d23477b533c74fd7
SHA-1 0f6ad66b400f01e1e32f2d586e5b60476e3dfa91
SHA-256 518d16ac02487f5e18c5f301e9ff50976c1bf458e3c416e380fc3c73f6667e9c
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/21006064.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:03 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1735
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/f_002.txt
146.190.217.48 200 OK 2.3 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/f_002.txt
IP 146.190.217.48:0
File type ASCII text, with very long lines (2303), with no line terminators
Hash MD5 e63f37169382824b01725a02b3fe2ad6
SHA-1 2ea785c319a6cdd9f34a6b52d251e081623336ef
SHA-256 967a5776ea4b713f6a5473794e2222411a288d98b354aeec49ce2cb7cbe4e054
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/f_002.txt HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 2303
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/plain
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/f.txt
146.190.217.48 200 OK 42 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/f.txt
IP 146.190.217.48:0
File type ASCII text, with very long lines (1623)
Hash MD5 054a78c014642c955c27626be2d8134b
SHA-1 b1820e69abd79548525fe90d9e114acc249327a8
SHA-256 194e7b2883c824a3e1de387cb2e99e8f2912925b89c7663bd7dd868fd1aba26a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/f.txt HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:03 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 41958
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
146.190.217.48 200 OK 285 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
IP 146.190.217.48:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (51698), with CRLF line terminators
Size 285 kB (284981 bytes)
Hash MD5 c26865ed096ff44d1ca4377bfe312eb0
SHA-1 87d499530993586968d43458e7b6c9ed9be43ecc
SHA-256 e237080b6495793b802f408a3fafd1318ef847cd110116bcde540ed8bed1024e
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/ HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:03 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/scevent.min.js
146.190.217.48 200 OK 23 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/scevent.min.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (22702), with no line terminators
Hash MD5 23a51b16831efcf4fe0caaf0b12342a2
SHA-1 0564115194f59fabdf49da5d2b8f323ba1eddc86
SHA-256 b1c8384f493600f8ca471b69029eb14dc4a9b7e4070305c2f418752d0fc4ceef
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/scevent.min.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 22702
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/bat.js
146.190.217.48 200 OK 39 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/bat.js
IP 146.190.217.48:0
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash MD5 16911c194f6e9313655f07c4eb9d8737
SHA-1 d39ccfa8c6d785af331afafe9e36336031f41b64
SHA-256 30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bat.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 38827
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/core.js
146.190.217.48 200 OK 1.1 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/core.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1142), with no line terminators
Hash MD5 b06b4e6cb1f66b46eb000478658c5236
SHA-1 e6a12798819f7512b3dc773b5abe637bf6c2491e
SHA-256 5afc363b68106631c9744da4953b7f123c67bb28f07e85c21e97d06c439a093a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/core.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1142
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 63b03d16d2cd0f0a8703f03be268bad1
SHA-1 80c3a69a190bb644fb72270785a88542e5145868
SHA-256 82ad142f7f94afe1bb852abad254389e27a66bdc8d053cb54531e32feaed5cc6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2780
Cache-Control: max-age=156438
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:04 GMT
Etag: "635cbece-1d7"
Expires: Mon, 31 Oct 2022 06:35:22 GMT
Last-Modified: Sat, 29 Oct 2022 05:49:02 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/bootstrap.min.css
146.190.217.48 200 OK 122 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/bootstrap.min.css
IP 146.190.217.48:0
File type ASCII text, with very long lines (64985)
Size 122 kB (122482 bytes)
Hash MD5 6439ff95f4b0d95bf8ba1897c19eab2c
SHA-1 63e64f9cdb0033dcc836be4f59a710875ef34ad6
SHA-256 f4bbc1d72d017bef7a1d71c52e952861b92178cc2dd5378592eb875dfdae9b66
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bootstrap.min.css HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:03 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 122482
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/pixel.js
146.190.217.48 200 OK 25 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/pixel.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (25224)
Hash MD5 1a42767ea6f6e5498e665d394486e413
SHA-1 f2c8f17c515ba67719cf8c563b972a01ee08cd57
SHA-256 bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/pixel.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 25225
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
tr.snapchat.com/log/error
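35.190.43.134 200 OK 0 B URL HTTP/2 tr.snapchat.com/log/error
IP 35.190.43.134:0
Hash (the body is 0 B, so these are the digests of empty input and do not identify this response)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855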
POST /log/error HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------13232997383338505300972313694
Content-Length: 1159
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 29 Oct 2022 11:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/main.55e552f9.js
146.190.217.48 200 OK 54 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/main.55e552f9.js
IP 146.190.217.48:0
File type Unicode text, UTF-8 text, with very long lines (54284), with no line terminators
Hash MD5 c705fdcc9a56806c2ec8752d806173df
SHA-1 49f9713291403377abc7004f70508e95e5bfc9c4
SHA-256 ecf5185587dc584318775956d242115534ec7d928758081c0f9a1e3f97992508
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/main.55e552f9.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 54294
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/fbevents.js
146.190.217.48 200 OK 103 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/fbevents.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (64348)
Size 103 kB (102880 bytes)
Hash MD5 e61c2ad4afdaf056d9fcbbef6171d5d4
SHA-1 cd5f9eb9f949d9df3ccc612aef7488323d47453d
SHA-256 6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/fbevents.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 102880
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 63b03d16d2cd0f0a8703f03be268bad1
SHA-1 80c3a69a190bb644fb72270785a88542e5145868
SHA-256 82ad142f7f94afe1bb852abad254389e27a66bdc8d053cb54531e32feaed5cc6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6292
Cache-Control: max-age=159950
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:04 GMT
Etag: "635cbece-1d7"
Expires: Mon, 31 Oct 2022 07:33:54 GMT
Last-Modified: Sat, 29 Oct 2022 05:49:02 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/uwt.js
146.190.217.48 200 OK 57 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/uwt.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash MD5 d4de8398858246712016031c834bb061
SHA-1 49709126e0fcb914a62f3255ae3ffe45a3fbe0ae
SHA-256 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/uwt.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 57443
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/gtm_002.js
146.190.217.48 200 OK 290 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/gtm_002.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (62521)
Size 290 kB (289757 bytes)
Hash MD5 b9797d4c2161842c0a42c1fb6093244e
SHA-1 b304c05c845553d434e2ff273bc5f83fdd93b420
SHA-256 ff69abdea31a7a5162efff18ad248b25b565c479d71de5bace46d1d330a1a1e0
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/gtm_002.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 289757
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/analytics.js
146.190.217.48 200 OK 50 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/analytics.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1325)
Hash d40531c5e99a6f84e42535859476fe35
a901817d77b2fe5259c298c91bc65c54d7f8a1a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/analytics.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 50205
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/533374513433337.js
146.190.217.48 200 OK 300 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/533374513433337.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (64471)
Size 300 kB (299569 bytes)
Hash 0a2cbee261f2e425bff7fc07d7f9ca3d
9221089d50eaffb6e91a0ea72f959b8179f3ebde
610928101a7f43c8867aa36e558ab9e8ed2b7317146ef07e8a71d94138eab021
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/533374513433337.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 299569
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/theme.css
146.190.217.48 200 OK 43 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/theme.css
IP 146.190.217.48:0
File type ASCII text, with very long lines (1137)
Hash 92225defe6c529ac9742889e6ee9d36c
81e1f32202a839d131e4949a3e402deeff66bd70
1c502e3d288f7df16d00544f339a1ca477aac77fa27c819592f7b865591b9442
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/theme.css HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 42975
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/clarity.js
146.190.217.48 200 OK 55 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/clarity.js
IP 146.190.217.48:0
File type Unicode text, UTF-8 text, with very long lines (54745)
Hash c238c096f4ff077be41b8296711e8641
a50be06611656993022a860865c30f85e8ff7832
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/clarity.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 54832
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/js
146.190.217.48 200 OK 212 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/js
IP 146.190.217.48:0
File type ASCII text, with very long lines (18593)
Size 212 kB (212366 bytes)
Hash 198e11ba8d5140ffd7a18000230b3094
ae3d41b988d6fb4f3709bd8a9b62543acf7e167d
dbc124cfe687c3d589a94bc29f64ca1b60e3254e91d14b0ddaf09fa6f3c46d6e
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 212366
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/jquery-3.4.1.min.js
146.190.217.48 200 OK 88 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/jquery-3.4.1.min.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (65451)
Hash 220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/jquery-3.4.1.min.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 88145
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/bootstrap.min.js
146.190.217.48 200 OK 37 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/bootstrap.min.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (32004)
Hash 3ce14f06108f17762e1ca97f4e1562c0
379364d99c41f21065bbce52e6155647dd68bf90
b74f3607fed740eb63f0e6a651c4830b1ce196abdcd8b1f65e2cf94a79439fff
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bootstrap.min.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 37055
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/jquery.blockUI.js
146.190.217.48 200 OK 10 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/jquery.blockUI.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1108)
Hash 50dc82a6bccb47056ff0e7ba58444757
70c38af19b6102b82ea3ed8ed2a944cc5b9cc4ef
9042406f497a91162205ae6bba16ca4b34af374324dae0396ca70150015bebd1
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/jquery.blockUI.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 10504
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/login.js
146.190.217.48 200 OK 19 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/login.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (535)
Hash 60341cd3683c3c2bce33b9da62b8bb8f
6474c9bcc1a5ecf9cbbec3656a0f78ce9f2f5aa2
26ea841346681f2f201cd4df3ae7ff7ff9689fe5fe3e0e788cf76a125b72b8f2
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/login.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 19314
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/sed-usps-70fc8edc.js
146.190.217.48 200 OK 440 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/sed-usps-70fc8edc.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (65377)
Size 440 kB (439984 bytes)
Hash 792c586a531d21d8d0565ef7cc144fcc
3abd016b653221a9542d928edc4e7e367cf4593e
8ead63f0da0ecd7d0361b001e86ee1c27c3bcdf4e96c91b6b2d820d82ca60c64
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/sed-usps-70fc8edc.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 439984
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/global.js
146.190.217.48 200 OK 19 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/global.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (2224)
Hash 6eff9885269f11044ece8d7b43b9c3fb
bf6fc4982b95acc976ffb26b288b04cb83b394fc
d0e2a97d2d6293ea10c291f1f1e3b3f3f2301bc0e1ea8f2f30e9d29a667df9b5
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/global.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 18696
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/ie10-viewport-bug-workaround.js
146.190.217.48 200 OK 459 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/ie10-viewport-bug-workaround.js
IP 146.190.217.48:0
Hash 8421afc5cbaa78de3e030108193ec566
9bcfb9e76a9c0d2c0abf7a414108d53447eba261
238b4df98a2c023801e777788f40350c1f4ad6599af5eac43d09eff720c79c48
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/ie10-viewport-bug-workaround.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 459
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/Universal-Federated-Analytics-Min.js
146.190.217.48 200 OK 19 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/Universal-Federated-Analytics-Min.js
IP 146.190.217.48:0
File type C source, ASCII text, with very long lines (548)
Hash 9e1b714f83b726462a83db0033bac6db
d730ff339fc2379a66e33f981d5c86eea12d932b
456e60679a0853b3c885219ac1b8ffa4becb397615e2af7c5b3d8051241f569f
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/Universal-Federated-Analytics-Min.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 18764
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/embed.js
146.190.217.48 200 OK 1.6 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/embed.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (444)
Hash 71c3f4a1ab4918e732829f77026e76db
ac96d5a9a18b01c070665e8892df8001c3b9c0ae
85b0f3cd06a802ecc9327dd4b40155a92ebc4447459660910e579482cf9b1e87
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/embed.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1568
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/__imp_apg__/js/sed-usps-70fc8edc.js
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/__imp_apg__/js/sed-usps-70fc8edc.js
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /__imp_apg__/js/sed-usps-70fc8edc.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/js_002
146.190.217.48 200 OK 162 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/js_002
IP 146.190.217.48:0
File type ASCII text, with very long lines (1825)
Size 162 kB (162143 bytes)
Hash c1e6d2af96187dc8169f15477e2ba4e7
326b9c97acd65d784003c326d2e79e1b6f6e1071
a5dfefdfae782213f00b7d7cf2d96a0dfca54a6df79a7f24817e1e1b684ce192
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/js_002 HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 162143
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/des_brd_2color_logo_274x79.png
146.190.217.48 200 OK 7.2 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/des_brd_2color_logo_274x79.png
IP 146.190.217.48:0
File type PNG image data, 274 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 7540a3abf4dc11dcbd1d381523956ad4
c634a237fb86e9eb6efe396bc5dd1548956c338f
194aeec3c0a28672905ad28fc88a464c2db67ab4277b1d29c3e5275013f2c638
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/des_brd_2color_logo_274x79.png HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 7177
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/logo-mini-sb.png
146.190.217.48 200 OK 24 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/logo-mini-sb.png
IP 146.190.217.48:0
File type PNG image data, 135 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 43707dd65a8c8ec7754b7b45fd483488
f258a5de57dfa37baf13296da6055e8f8881d742
585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/logo-mini-sb.png HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 23625
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/ajax-loader-t.gif
146.190.217.48 200 OK 3.2 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/ajax-loader-t.gif
IP 146.190.217.48:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash b9f5558507d20d1501a945f9bc0f4ce4
672975a0c049de369b02bd1b5ce0820fd5d9832d
d2a3b54eecee14be7278f861de0d7d95509321f0a28fd18052334cbbd369201a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/ajax-loader-t.gif HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 3208
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/0
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/0
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/0 HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 17a4fbf35710e5a6012519878ac76b10
d83f5813e680c07aa1496c0694c6bb7cc107d62a
5afe841f4c75f352e2761102787a6cf2dd3876950337c1afc9e0833f3e335323
GET /gtm.js?id=GTM-MVCC8H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 29 Oct 2022 11:08:04 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/adsct_002.gif
146.190.217.48 200 OK 43 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/adsct_002.gif
IP 146.190.217.48:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/adsct_002.gif HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
sc-static.net/scevent.min.js
54.230.82.240 200 OK 8.8 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (25360), with no line terminators
Hash e9a9d4e245fb5df1ac33be19306752e8
246e5996a63a71ce325dff7ca6c9ef71f324b62f
64211912b65ff9a15aa212c8e8f5d4e60b86629d305c130f8824eb55837b8d4a
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 8764
server: CloudFront
date: Sat, 29 Oct 2022 11:08:05 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Sun, 30 Oct 2022 10:01:51 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dNi8ikIJmQFeJwq_FsolChUhzxwcjMNddA_R5gBh_yS5ZULvprGi-A==
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.85.140 200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 95212d33cfff78ad59f5af5b20c48c53
9b99a4091a6eb716bc68f1428e3c86eca068b25b
bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 29 Oct 2022 11:08:05 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c38d7d921acdf1366a9d005ae733f173
b90bc7558a2c9cc0871243584397dd1e317bdad1
9bf166fa1fe39701758fb862610e423b26c9726038f9f3290d6615e13972af69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/generic1658346138978.js
146.190.217.48 200 OK 408 kB URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/generic1658346138978.js
IP 146.190.217.48:0
File type Unicode text, UTF-8 text, with very long lines (50708)
Size 408 kB (408458 bytes)
Hash 4384210c1d0e40bc75d1627a0ee01eeb
000d0cf08cb888a1a9c93b4cbe5735fdf6917e98
98451f63814b2ed01f0411fba8d064dbfcd83d94d8dfd7c788a7e43118d22436
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/generic1658346138978.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 408458
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/adsct.gif
146.190.217.48 200 OK 43 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/adsct.gif
IP 146.190.217.48:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/adsct.gif HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
www.googletagmanager.com/gtag/js?id=AW-978081151
142.250.74.168 200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-978081151
IP 142.250.74.168:0
File type ASCII text, with very long lines (3630)
Hash 0c0978b04ab8d01ffe7624944def6b07
36bf7dd0151c6a642c91051cb32649b23159baf0
48ffb16daaf3a84d863f947fac08e0e09685beac3f2aedf141f561bc55a56e31
GET /gtag/js?id=AW-978081151 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 29 Oct 2022 11:08:05 GMT
expires: Sat, 29 Oct 2022 11:08:05 GMT
cache-control: private, max-age=900
last-modified: Sat, 29 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8004
Expires: Sat, 29 Oct 2022 13:21:29 GMT
Date: Sat, 29 Oct 2022 11:08:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8004
Expires: Sat, 29 Oct 2022 13:21:29 GMT
Date: Sat, 29 Oct 2022 11:08:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8004
Expires: Sat, 29 Oct 2022 13:21:29 GMT
Date: Sat, 29 Oct 2022 11:08:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3d9a213-ef55-4ec1-836e-6dede0d7ffd3.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3d9a213-ef55-4ec1-836e-6dede0d7ffd3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc22a7370f5dad19546be6f1c83fe308
817e9cf3ea980056a1f2c5e502573a941abfeb2c
b991ed3b3798f918a7b4d0b7679cf8b574e2dc750fb3cfb4cef0ae08b6a8ac5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3d9a213-ef55-4ec1-836e-6dede0d7ffd3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7831
x-amzn-requestid: 53b46e70-8745-473c-b890-da4ed4a58be6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCInEVwIAMFjNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a36-26329afd60e5c20a42e73373;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JDece3pAg6JXO-AhPKslgZGbs7xI0EWv4siNyKZA9FMO3Xc9eJWT4g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 22:03:04 GMT
age: 47101
etag: "817e9cf3ea980056a1f2c5e502573a941abfeb2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47e250ef-f696-4eff-9f92-684d03f537d1.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47e250ef-f696-4eff-9f92-684d03f537d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d063976205ab89fde8d7e8ca09ea2c3
fed062bcd6f96e0b1dfb3ff960e1d3577cc92d6a
be33e72b3dba7a9520c7ed87270118a106be9ffe8e020fa8aea5b63f11cbb834
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47e250ef-f696-4eff-9f92-684d03f537d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5887
x-amzn-requestid: 6886efc9-4517-4848-9625-599d60702d83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCIIEUxIAMFa1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a33-2d97e3d30b60ae1938e5f711;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y1lPMltaUmsnBKG9UYlZxw-zJyTjYq9gGPgCoOTptjADZdfzW_wngA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:58:51 GMT
age: 47354
etag: "fed062bcd6f96e0b1dfb3ff960e1d3577cc92d6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F036fdb83-72c9-40f5-9e16-f4502570667e.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F036fdb83-72c9-40f5-9e16-f4502570667e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a37da3b0df2c3eb74825cdad7dff6d4
01125adb299608812ffca7fb3c0ad526803bd723
351fdadfc462aa0c8a38964217c40f085e62d65335152d0530233017f9fc0df6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F036fdb83-72c9-40f5-9e16-f4502570667e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11107
x-amzn-requestid: 6fc669c8-f46f-4f5a-a538-b4a49c43319e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: amdsuE6GoAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358dcb7-0c9461505096b7d92509e55e;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 07:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BzeW9D2DmkFVHVzWCV9ZZUx62NboDogcBvN96OikqnyImftEXu9RnQ==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 07:21:41 GMT
age: 13584
etag: "01125adb299608812ffca7fb3c0ad526803bd723"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1110221ffc54766308cbf62f94cd9f
926f36919d5875592200b78d286edcb4c3ba884c
8344d57bc8358da2a5911c62a344a3dcf819ce44dac0da0624c73ab40ac1ef44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9460
x-amzn-requestid: c1eef336-bec0-47f0-bd30-17de593de8f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: asgW3E8uIAMFpgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b475e-60346ff475ec335e0499d17f;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 03:07:10 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P3-UxGtr6HKLtsZUHXV_4CgAd3LQBceo_1NUwrfWhWoGoTEKS7KGAw==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:02 GMT
age: 47823
etag: "926f36919d5875592200b78d286edcb4c3ba884c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3044824aa388754b4834dc79496d135b
ee65caaa8a746599f6c29d74900472a98c121499
1e7f15e9d74e3559bbe51f66a861045d02a1cb227c978ba09c47e52972095930
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6036
x-amzn-requestid: 3614efdd-d9db-4461-a335-30cfc17cf8b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGmEyVoAMFnPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-5f619a592c75e97c3dc2689a;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: W1LaF7xWMkFRekTvIhe1Ft7v8vQMW-_sLLrjtu5SluHUg48esy5cdA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:02 GMT
age: 47823
etag: "ee65caaa8a746599f6c29d74900472a98c121499"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8326b70116b95839cb92a20987ff62bf
e39efc9edc67abdbc8b67e56ea3aa3f169600055
9bb70165db081deb009c8da7f4fcafff66bf4f3ce68c88dd11b21ab1665f8a30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8381
x-amzn-requestid: affd1381-e8d6-406e-bdfd-43095e110aa9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCJEHAUoAMFQPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a39-738547cc62556b0f6cc604cf;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:37 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FpVYEpuzxdqeInQrm5_-ZU4tLonMfDWY3D3DxRd0JD3uh4emzrgklA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 22:02:40 GMT
age: 47125
etag: "e39efc9edc67abdbc8b67e56ea3aa3f169600055"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f331a42514e31cd1fa0ee4b183e181b9
ec51490d94b697f50238a4eb1360c70cbcd7db76
594e990b677a3811125884bb166da7dba31434a2ff4b6fe3f2c24d2a23fec575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=1042880397.1667041683&jid=1255215825&gjid=956268367&_gid=1082977905.1667041683&_u=aGBAiEABFAAAAE~&z=1999484865
173.194.222.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=1042880397.1667041683&jid=1255215825&gjid=956268367&_gid=1082977905.1667041683&_u=aGBAiEABFAAAAE~&z=1999484865
IP 173.194.222.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=1042880397.1667041683&jid=1255215825&gjid=956268367&_gid=1082977905.1667041683&_u=aGBAiEABFAAAAE~&z=1999484865 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 29 Oct 2022 11:08:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f331a42514e31cd1fa0ee4b183e181b9
ec51490d94b697f50238a4eb1360c70cbcd7db76
594e990b677a3811125884bb166da7dba31434a2ff4b6fe3f2c24d2a23fec575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813; _gcl_au=1.1.781461928.1667041683; _clck=1h4tsfc|1|f64|0; _ga=GA1.1.1042880397.1667041683; _gid=GA1.2.1082977905.1667041683; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667041683.1.0.1667041683.0.0.0
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813; _gcl_au=1.1.781461928.1667041683; _clck=1h4tsfc|1|f64|0; _ga=GA1.1.1042880397.1667041683; _gid=GA1.2.1082977905.1667041683; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667041683.1.0.1667041683.0.0.0
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813; _gcl_au=1.1.781461928.1667041683; _clck=1h4tsfc|1|f64|0; _ga=GA1.1.1042880397.1667041683; _gid=GA1.2.1082977905.1667041683; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667041683.1.0.1667041683.0.0.0
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1008691541&t=pageview&_s=1&dl=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGDACUABFAAAAG~&jid=1182313770&gjid=1106697694&cid=1042880397.1667041683&tid=UA-33523145-1&_gid=1082977905.1667041683&_r=1&cd1=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd2=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%20-%20verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd5=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd6=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=http%3A&z=42883219
142.250.74.174 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1008691541&t=pageview&_s=1&dl=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGDACUABFAAAAG~&jid=1182313770&gjid=1106697694&cid=1042880397.1667041683&tid=UA-33523145-1&_gid=1082977905.1667041683&_r=1&cd1=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd2=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%20-%20verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd5=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd6=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=http%3A&z=42883219
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&aip=1&a=1008691541&t=pageview&_s=1&dl=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGDACUABFAAAAG~&jid=1182313770&gjid=1106697694&cid=1042880397.1667041683&tid=UA-33523145-1&_gid=1082977905.1667041683&_r=1&cd1=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd2=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%20-%20verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd5=unspecified%3Averify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com&cd6=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=http%3A&z=42883219 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
date: Sat, 29 Oct 2022 11:08:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/0
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/0
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/0 HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813; _gcl_au=1.1.781461928.1667041683; _clck=1h4tsfc|1|f64|0; _ga=GA1.1.1042880397.1667041683; _gid=GA1.2.1082977905.1667041683; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667041683.1.0.1667041683.0.0.0; _ga=GA1.3.1042880397.1667041683; _gid=GA1.3.1082977905.1667041683; _gat_GSA_ENOR0=1
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/pixel.htm
146.190.217.48 200 OK 108 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/pixel.htm
IP 146.190.217.48:0
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 67c58a38087e1a243fd14984f663b520
d39158107e8711b6d9fbe13be4a3a3156f571e08
ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/pixel.htm HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813; _gcl_au=1.1.781461928.1667041683; _clck=1h4tsfc|1|f64|0; _ga=GA1.1.1042880397.1667041683; _gid=GA1.2.1082977905.1667041683; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667041683.1.0.1667041683.0.0.0; _ga=GA1.3.1042880397.1667041683; _gid=GA1.3.1082977905.1667041683; _gat_GSA_ENOR0=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:05 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 108
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html
resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
104.110.27.57 200 OK 528 B URL HTTP/2 resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
IP 104.110.27.57:0
File type ASCII text, with very long lines (587)
Hash 1f5b6140f94844fff6133ef3693807ed
18c8767fca06b62e0bdd36dc0ef1a79c9dbe184e
e77717350bf9c42df8bb7c067d33a86310c17691898c1cf7def4e9b01fdc8cb1
GET /wdcgov/2/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-gov.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Tue Sep 06 2022 17:55:25 GMT+0000 (Coordinated Universal Time)
etag: "125dd36304d04069544702f1a8e8e277"
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-encoding: gzip
content-length: 528
cache-control: private, max-age=0
date: Sat, 29 Oct 2022 11:08:06 GMT
vary: Accept-Encoding
set-cookie: SERVERID=10.241.23.91; path=/
access-control-max-age: 86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
sc-static.net/js-sha256-v1.min.js
54.230.82.240 304 Not Modified 0 B URL HTTP/2 sc-static.net/js-sha256-v1.min.js
IP 54.230.82.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js-sha256-v1.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 05 Apr 2019 00:32:08 GMT
If-None-Match: W/"68f2467c84878293c9ee497dbc99a17f"
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 29 Oct 2022 01:30:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: Content-Type
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
etag: W/"68f2467c84878293c9ee497dbc99a17f"
cache-control: public, s-maxage=86400, max-age=600
server: AmazonS3
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UnT74KpVGbuGcDbkBEDcCg9U0-XjApvVV8gQPhw43WMRqYDxUGUADw==
age: 34657
X-Firefox-Spdy: h2
resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
104.110.27.57 200 OK 528 B URL HTTP/2 resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
IP 104.110.27.57:0
File type ASCII text, with very long lines (587)
Hash 1f5b6140f94844fff6133ef3693807ed
18c8767fca06b62e0bdd36dc0ef1a79c9dbe184e
e77717350bf9c42df8bb7c067d33a86310c17691898c1cf7def4e9b01fdc8cb1
GET /wdcgov/2/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-gov.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue Sep 06 2022 17:55:25 GMT+0000 (Coordinated Universal Time)
If-None-Match: "125dd36304d04069544702f1a8e8e277"
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Tue Sep 06 2022 17:55:25 GMT+0000 (Coordinated Universal Time)
etag: "125dd36304d04069544702f1a8e8e277"
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-encoding: gzip
content-length: 528
cache-control: private, max-age=0
date: Sat, 29 Oct 2022 11:08:06 GMT
vary: Accept-Encoding
set-cookie: SERVERID=10.241.23.91; path=/
access-control-max-age: 86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157 200 OK 15 kB URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 15375
Last-Modified: Thu, 27 Oct 2022 18:55:37 GMT
Cache-Control: no-cache
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
Accept-Ranges: bytes
Date: Sat, 29 Oct 2022 11:08:06 GMT
X-Served-By: cache-iad-kjyo7100147-IAD, cache-bma1657-BMA
X-Cache: HIT, HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
bat.bing.com/bat.js
13.107.21.200 200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash babb0d09b27851a7c080c2843211eb91
cf41327a7f5a83c8343e85741bc34cb53050449a
adc4ea8ee48fd9337d951234bd345899ddb116cad409265ee2cf01733ac82e84
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11376
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 17:32:37 GMT
Accept-Ranges: bytes
ETag: "80a8697a8a2d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=0C878BDF0B426F150E9C99930AB76E55; domain=.bing.com; expires=Thu, 23-Nov-2023 11:08:06 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: C40E5D4C41B741498BA4F0F600CCE68B Ref B: OSL30EDGE0206 Ref C: 2022-10-29T11:08:06Z
Date: Sat, 29 Oct 2022 11:08:06 GMT
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash dab02b42c136faced9b65952be108556
603536789f04e81bb0563cedc02585908dc8fb83
37a00d01747f2c9c4d2a66ced3548cf75049fd378fb2a5938dc0534453128721
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Sat, 29 Oct 2022 10:22:26 GMT
Expires: Sat, 29 Oct 2022 12:22:26 GMT
Cache-Control: public, max-age=7200
Age: 2740
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
www.google-analytics.com/collect?v=1&_v=j96&a=1008691541&t=pageview&_s=1&dl=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAiEABF~&jid=1255215825&gjid=956268367&cid=1042880397.1667041683&tid=UA-80133954-3&_gid=1082977905.1667041683&gtm=2wg8v0MVCC8H&cg1=No%20Virtual%20Site%20Name%20Found&cd1=&cd2=&cd3=No%20Sub%20Site%20Found&cd4=No%20Virtual%20Site%20Name%20Found&cd5=GTM-MVCC8H%20%7C%20642&cd6=2022-10-29T11%3A08%3A03.99%2B00%3A00&cd8=1667041683104.hp1lt84i&cd9=Desktop&cd10=desktop%20page%20-%20is%20not%20responsive&cd14=Form%20-%20No%20Form%20Target%20Category&cd21=&cd22=0&cd30=cookie%20not%20set&cd113=null&cd114=no%20data-gtm-section&cd115=no%20data-gtm-subsection&cd16=1042880397.1667041683&cd7=1042880397.1667041683&z=390170031
142.250.74.174 200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j96&a=1008691541&t=pageview&_s=1&dl=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAiEABF~&jid=1255215825&gjid=956268367&cid=1042880397.1667041683&tid=UA-80133954-3&_gid=1082977905.1667041683&gtm=2wg8v0MVCC8H&cg1=No%20Virtual%20Site%20Name%20Found&cd1=&cd2=&cd3=No%20Sub%20Site%20Found&cd4=No%20Virtual%20Site%20Name%20Found&cd5=GTM-MVCC8H%20%7C%20642&cd6=2022-10-29T11%3A08%3A03.99%2B00%3A00&cd8=1667041683104.hp1lt84i&cd9=Desktop&cd10=desktop%20page%20-%20is%20not%20responsive&cd14=Form%20-%20No%20Form%20Target%20Category&cd21=&cd22=0&cd30=cookie%20not%20set&cd113=null&cd114=no%20data-gtm-section&cd115=no%20data-gtm-subsection&cd16=1042880397.1667041683&cd7=1042880397.1667041683&z=390170031
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j96&a=1008691541&t=pageview&_s=1&dl=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAiEABF~&jid=1255215825&gjid=956268367&cid=1042880397.1667041683&tid=UA-80133954-3&_gid=1082977905.1667041683&gtm=2wg8v0MVCC8H&cg1=No%20Virtual%20Site%20Name%20Found&cd1=&cd2=&cd3=No%20Sub%20Site%20Found&cd4=No%20Virtual%20Site%20Name%20Found&cd5=GTM-MVCC8H%20%7C%20642&cd6=2022-10-29T11%3A08%3A03.99%2B00%3A00&cd8=1667041683104.hp1lt84i&cd9=Desktop&cd10=desktop%20page%20-%20is%20not%20responsive&cd14=Form%20-%20No%20Form%20Target%20Category&cd21=&cd22=0&cd30=cookie%20not%20set&cd113=null&cd114=no%20data-gtm-section&cd115=no%20data-gtm-subsection&cd16=1042880397.1667041683&cd7=1042880397.1667041683&z=390170031 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Fri, 28 Oct 2022 20:07:39 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 54027
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash aa0f58805ed19b03cb4fa010c98414ea
e7e4236c60f46d921d68259f3ec1929d386c0120
239c267218adaaa811042cb01f0fe3103faea7606ea27c7d5922f935ecdd14db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5776
Cache-Control: max-age=160127
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:06 GMT
Etag: "635cc185-1d7"
Expires: Mon, 31 Oct 2022 07:36:53 GMT
Last-Modified: Sat, 29 Oct 2022 06:00:37 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 20c69990e9f2324ecbf75090016c6acd
45c7098e6bb31c439bad5752935770dd9b801617
d12d3f4a51368230c20f54388c3062144a9f54a70cc3d6f784599ea1b0668dee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.co.in/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
216.58.207.195 200 OK 42 B URL HTTP/2 www.google.co.in/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 216.58.207.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 11:08:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: eMsDlkk0ZGlI4nMWENIngk+Qx4Fmg+8VQenkMfTvbRGCind5Lh2FYSyiqfY9XAcI1YrhQMjgHvB/voy7FVnEhQ==
content-length: 27337
x-fb-trip-id: 1904183273
date: Sat, 29 Oct 2022 11:08:06 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1667041683551&cv=11&fst=1667041683551&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=781461928.1667041683&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.2 200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1667041683551&cv=11&fst=1667041683551&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=781461928.1667041683&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2296), with no line terminators
Hash 7f6fea9ffe8ad85d9bab8dcca2d8d9ed
03714e8dd9c36306670268d2feeeefc02c1c4df1
a74af56cda532aa6bb6facc85ca3417e0c82927c4613287653aa2d65035cd75b
GET /pagead/viewthroughconversion/978081151/?random=1667041683551&cv=11&fst=1667041683551&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=781461928.1667041683&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 11:08:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1134
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 29-Oct-2022 11:23:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1667041683191&cv=11&fst=1667041683191&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=781461928.1667041683&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.2 200 OK 1.3 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1667041683191&cv=11&fst=1667041683191&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=781461928.1667041683&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.2:0
File type JSON data\012- , ASCII text, with very long lines (2420), with no line terminators
Hash 47f8bf2584afc706ba70d1517a53217b
879fc61ab889cd7b4952c1d04fbb02380daa4556
b95114f6bd0efbb947467d85e0796cc683ef15c7992dc316e1e6dbbd60e8476d
GET /pagead/viewthroughconversion/978081151/?random=1667041683191&cv=11&fst=1667041683191&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=781461928.1667041683&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 11:08:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1133
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 29-Oct-2022 11:23:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 11:08:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
k.clarity.ms/collect
20.96.88.162 204 No Content 0 B IP 20.96.88.162:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: k.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1507
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
access-control-allow-credentials: true
date: Sat, 29 Oct 2022 11:08:06 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash aa0f58805ed19b03cb4fa010c98414ea
e7e4236c60f46d921d68259f3ec1929d386c0120
239c267218adaaa811042cb01f0fe3103faea7606ea27c7d5922f935ecdd14db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5148
Cache-Control: max-age=159499
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:06 GMT
Etag: "635cc185-1d7"
Expires: Mon, 31 Oct 2022 07:26:25 GMT
Last-Modified: Sat, 29 Oct 2022 06:00:37 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
s.pinimg.com/ct/lib/main.55e552f9.js
23.38.200.197 200 OK 19 kB URL HTTP/2 s.pinimg.com/ct/lib/main.55e552f9.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (54284), with no line terminators
Hash 84c1602180f73853dc1e35f7296bdf7d
40aea44ea928e8d539381759b791f5c70f6d4c82
6b2faea09b5d5015a36ab4300e1034e1907895b40249e5fd11b42a66fbd21dac
GET /ct/lib/main.55e552f9.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "84c1602180f73853dc1e35f7296bdf7d"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 18601
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667041682807
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667041682807
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667041682807 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
content-type: image/gif
accept-ranges: bytes
date: Sat, 29 Oct 2022 11:08:06 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1667041683580&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=b8a0465f-052e-4ef6-988d-c044313a46d5&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1667041683580&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=b8a0465f-052e-4ef6-988d-c044313a46d5&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1667041683580&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=b8a0465f-052e-4ef6-988d-c044313a46d5&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sat, 29 Oct 2022 11:08:06 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/978081151/?random=1667041683551&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2149720030&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/978081151/?random=1667041683551&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2149720030&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1667041683551&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2149720030&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 11:08:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1667041683578&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=b8a0465f-052e-4ef6-988d-c044313a46d5&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1667041683578&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=b8a0465f-052e-4ef6-988d-c044313a46d5&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1667041683578&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=b8a0465f-052e-4ef6-988d-c044313a46d5&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sat, 29 Oct 2022 11:08:06 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash dab02b42c136faced9b65952be108556
603536789f04e81bb0563cedc02585908dc8fb83
37a00d01747f2c9c4d2a66ced3548cf75049fd378fb2a5938dc0534453128721
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667041683314
151.101.85.140 200 OK 143 B URL HTTP/2 alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667041683314
IP 151.101.85.140:0
File type gzip compressed data, from Unix\012- data
Hash dc04384e39cf116cb4cedc24223f83c9
08bcaed4567fd2a160b15b3dfbffa79a5cd9cd77
672f2981170bacc9cc0c464faab65af75154c9a265cca5b9c952234a1573cc78
GET /snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667041683314 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Varnish
retry-after: 0
content-type: image/gif
accept-ranges: bytes
date: Sat, 29 Oct 2022 11:08:06 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
www.clarity.ms/eus2-e/s/0.6.40/clarity.js
13.107.246.53 404 Not Found 0 B URL HTTP/2 www.clarity.ms/eus2-e/s/0.6.40/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eus2-e/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
x-cache: CONFIG_NOCACHE
x-azure-ref: 0lgldYwAAAABLIF3dnuGbS7LtbeoJA6glU1ZHMjBFREdFMDYxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 29 Oct 2022 11:08:06 GMT
content-length: 0
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/978081151/?random=1667041683191&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=117052844&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/978081151/?random=1667041683191&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=117052844&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1667041683191&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=117052844&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 11:08:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/533374513433337?v=2.9.89&r=stable
31.13.72.12 200 OK 86 kB URL HTTP/2 connect.facebook.net/signals/config/533374513433337?v=2.9.89&r=stable
IP 31.13.72.12:0
File type ASCII text, with very long lines (64471)
Hash b94b5c2c98e6cad4ee14c10d9f719247
d88b7fb550e72a977595de257ae4753aae87a791
1261862b2df65b24ad6bd72e36d61ac64436825c70f012d64a742e8de4c1f86a
GET /signals/config/533374513433337?v=2.9.89&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: CfnliGW44p1zDKhtdP7PFhrez/fGMioSF1fXuELKo8YmUD0Mofgcy3pnegTNDXkZ3Cz7TjBh3mgS5r1nPbWe8A==
priority: u=3,i
content-length: 86250
x-fb-trip-id: 1904183273
date: Sat, 29 Oct 2022 11:08:06 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/21006064
13.107.246.53 200 OK 1.7 kB URL HTTP/2 www.clarity.ms/tag/uet/21006064
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1688), with no line terminators
Hash abf3ce9b1b1e0b424566fac58069b0ec
32184f57e70f010a947942b397785f6dcd237a33
9e1b580b3dec57bb2da244159cf463096d818380afb3ea01fdb5d7440850e630
GET /tag/uet/21006064 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1688
content-type: application/x-javascript
expires: -1
set-cookie: CLID=c9a747a8ff2b413583f74bf57d91a0b8.20221029.20231029; expires=Sun, 29 Oct 2023 11:08:06 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
x-cache: CONFIG_NOCACHE
x-azure-ref: 0lgldYwAAAABfheWkyuGNSYN2/rAc1bFKU1ZHMjBFREdFMDYxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 29 Oct 2022 11:08:06 GMT
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
23.38.200.197 200 OK 1.1 kB IP 23.38.200.197:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash d46ca479169e57f877e12fcf654873be
7403052faf6a9a3614c771ae29760553541db34a
e5cf17e004a172d469b4420142e8ced5c0c058c85e8adee76f00c0074d3e2447
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "d46ca479169e57f877e12fcf654873be"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=21006064&Ver=2&mid=31658931-432b-4ea7-b7a4-79ba2a8e762c&sid=f5ae49d0577911ed81b63df64802dd6d&vid=f5ae8b20577911eda46f2b8158c23367&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=3085&evt=pageLoad&sv=1&rn=242431
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=21006064&Ver=2&mid=31658931-432b-4ea7-b7a4-79ba2a8e762c&sid=f5ae49d0577911ed81b63df64802dd6d&vid=f5ae8b20577911eda46f2b8158c23367&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=3085&evt=pageLoad&sv=1&rn=242431
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=21006064&Ver=2&mid=31658931-432b-4ea7-b7a4-79ba2a8e762c&sid=f5ae49d0577911ed81b63df64802dd6d&vid=f5ae8b20577911eda46f2b8158c23367&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=3085&evt=pageLoad&sv=1&rn=242431 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1956DFF3B2F16D2021B3CDBFB3046CC3; domain=.bing.com; expires=Thu, 23-Nov-2023 11:08:06 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 240943D413DE4FA6BEEFF689DC78AC69 Ref B: OSL30EDGE0206 Ref C: 2022-10-29T11:08:06Z
date: Sat, 29 Oct 2022 11:08:06 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash efc264bca02de745236742e3b9102036
23db487641ddc8c384fe71e6cbf1345d664a2db0
036938688a5648bab7c7a326aaccee94af77349428261298c2710cef23c4207a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash efc264bca02de745236742e3b9102036
23db487641ddc8c384fe71e6cbf1345d664a2db0
036938688a5648bab7c7a326aaccee94af77349428261298c2710cef23c4207a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/21006064.js
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/21006064.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/21006064.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
set-cookie: MUID=27720E892675608211671CC5278061CF; domain=.bing.com; expires=Thu, 23-Nov-2023 11:08:06 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E15E363D2BE4F43982343BF2A0BB65D Ref B: OSL30EDGE0206 Ref C: 2022-10-29T11:08:06Z
date: Sat, 29 Oct 2022 11:08:06 GMT
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/978081151/?random=1667041683191&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=117052844&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/978081151/?random=1667041683191&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=117052844&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1667041683191&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=117052844&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 11:08:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/978081151/?random=1667041683551&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2149720030&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/978081151/?random=1667041683551&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2149720030&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1667041683551&cv=11&fst=1667041200000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2149720030&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 11:08:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash efc264bca02de745236742e3b9102036
23db487641ddc8c384fe71e6cbf1345d664a2db0
036938688a5648bab7c7a326aaccee94af77349428261298c2710cef23c4207a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 11:08:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.pinimg.com/ct/lib/main.961e55a4.js
23.38.200.197 200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.961e55a4.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (59868), with no line terminators
Hash b9be241e8240e73bb66301c5815d5b3b
973261463c6e3e330d198cb558762a0808d59b7d
3d6a84853133ded02b2646243cd6ed3c91343d2922cb30f8a305386f3d918b4b
GET /ct/lib/main.961e55a4.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "b9be241e8240e73bb66301c5815d5b3b"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20740
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1667041684468
23.38.200.197 200 OK 382 B URL HTTP/2 ct.pinterest.com/user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1667041684468
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (539), with no line terminators
Hash 4133ff14bfae835ba7a2976dd28e0b9b
16163c58f272d772629605e987cdcc02fc1d78a2
c887dfff8fa67dd6fa30fae875db0c94ff1ad8ae8fc48a81ef2e1d262dfb44a4
GET /user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1667041684468 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU9EQm1aRE5rTWpJdE5XWmlaQzAwT1dNMkxUZ3pNR0l0TkdRMllqUXdNV0ptT0RjMw
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 382
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 8241523793137627
date: Sat, 29 Oct 2022 11:08:06 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1667041686.1623d2a9
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=533374513433337&ev=PageView&dl=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1667041684558&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667041684557.1805728544&it=1667041684369&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=533374513433337&ev=PageView&dl=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1667041684558&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667041684557.1805728544&it=1667041684369&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=533374513433337&ev=PageView&dl=http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1667041684558&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667041684557.1805728544&it=1667041684369&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 29 Oct 2022 11:08:06 GMT
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22961e55a4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667041684475
23.38.200.197 200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22961e55a4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667041684475
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22961e55a4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667041684475 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1467395453470384
date: Sat, 29 Oct 2022 11:08:06 GMT
akamai-grn: 0.274f2417.1667041686.1623d6b7
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22961e55a4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667041684476
23.38.200.197 200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22961e55a4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667041684476
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fverify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22961e55a4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667041684476 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 5
referrer-policy: origin
x-pinterest-rid: 1559464074317429
date: Sat, 29 Oct 2022 11:08:06 GMT
akamai-grn: 0.274f2417.1667041686.1623d6bf
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
reg.usps.com/entreg/favicon.ico
192.229.221.165 200 OK 1.2 kB URL HTTP/2 reg.usps.com/entreg/favicon.ico
IP 192.229.221.165:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 178819cc32a7774822e3550c57cd20aa
c8050ec440e8cc1367a6115934edc0bf94a0d343
8565aaa87282f585b8a021ee0e693f662eb179df62890d01e086cc9f23dec1d2
GET /entreg/favicon.ico HTTP/1.1
Host: reg.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
age: 31925
cache-control: no-cache
content-type: image/x-icon
date: Sat, 29 Oct 2022 11:08:06 GMT
etag: "47e-5ea5d077c5480"
expires: Sat, 29 Oct 2022 11:08:05 GMT
last-modified: Thu, 06 Oct 2022 12:42:42 GMT
server: ECAcc (dcb/7F0E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, DENY
x-ruleset-version: 2.5
content-length: 1150
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
23.38.200.197 200 OK 323 B IP 23.38.200.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 0
referrer-policy: origin
x-pinterest-rid: 6113632259794779
date: Sat, 29 Oct 2022 11:08:06 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1667041686.1623dbc5
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27 302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=905541C4611848F99EE23403D0B8DFE6&RedC=c.clarity.ms&MXFR=10FCD8D57F286DC62D1DCA997B2863E7
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=10FCD8D57F286DC62D1DCA997B2863E7; domain=.clarity.ms; expires=Thu, 23-Nov-2023 11:08:06 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sat, 29 Oct 2022 11:08:06 GMT
content-length: 0
X-Firefox-Spdy: h2
bat.bing.com/actionp/0?ti=21006064&Ver=2&mid=31658931-432b-4ea7-b7a4-79ba2a8e762c&sid=f5ae49d0577911ed81b63df64802dd6d&vid=f5ae8b20577911eda46f2b8158c23367&vids=1&msclkid=N&evt=dedup
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/actionp/0?ti=21006064&Ver=2&mid=31658931-432b-4ea7-b7a4-79ba2a8e762c&sid=f5ae49d0577911ed81b63df64802dd6d&vid=f5ae8b20577911eda46f2b8158c23367&vids=1&msclkid=N&evt=dedup
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /actionp/0?ti=21006064&Ver=2&mid=31658931-432b-4ea7-b7a4-79ba2a8e762c&sid=f5ae49d0577911ed81b63df64802dd6d&vid=f5ae8b20577911eda46f2b8158c23367&vids=1&msclkid=N&evt=dedup HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1080BA7CFC9162D228D9A830FD6463BF; domain=.bing.com; expires=Thu, 23-Nov-2023 11:08:07 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A73C5882E6A24D719F37D68F8B1DAEAD Ref B: OSL30EDGE0206 Ref C: 2022-10-29T11:08:07Z
date: Sat, 29 Oct 2022 11:08:06 GMT
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=905541C4611848F99EE23403D0B8DFE6&RedC=c.clarity.ms&MXFR=10FCD8D57F286DC62D1DCA997B2863E7
13.107.21.200 302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=905541C4611848F99EE23403D0B8DFE6&RedC=c.clarity.ms&MXFR=10FCD8D57F286DC62D1DCA997B2863E7
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=905541C4611848F99EE23403D0B8DFE6&RedC=c.clarity.ms&MXFR=10FCD8D57F286DC62D1DCA997B2863E7 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=905541C4611848F99EE23403D0B8DFE6&MUID=0A6B5ADF20856906102A489321706874
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0A6B5ADF20856906102A489321706874; domain=c.bing.com; expires=Thu, 23-Nov-2023 11:08:07 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6CC038D0BF2141BC987F47797DEF341C Ref B: OSL30EDGE0206 Ref C: 2022-10-29T11:08:07Z
date: Sat, 29 Oct 2022 11:08:06 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=905541C4611848F99EE23403D0B8DFE6&MUID=0A6B5ADF20856906102A489321706874
20.234.93.27 200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=905541C4611848F99EE23403D0B8DFE6&MUID=0A6B5ADF20856906102A489321706874
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=905541C4611848F99EE23403D0B8DFE6&MUID=0A6B5ADF20856906102A489321706874 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sat, 29-Oct-2022 11:18:07 GMT; path=/; SameSite=None; Secure;
date: Sat, 29 Oct 2022 11:08:06 GMT
content-length: 42
X-Firefox-Spdy: h2
resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/generic1658346138978.js
104.110.27.57 302 Moved Temporarily 0 B URL HTTP/1.1 resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/generic1658346138978.js
IP 104.110.27.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wdcgov/2/onsite/generic1658346138978.js HTTP/1.1
Host: resources.digital-cloud-gov.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
HTTP/1.1 302 Moved Temporarily
Location: https://resources-dcgov.medallia.com/wdcgov/2/onsite/generic1658346138978.js
Content-Length: 0
Cache-Control: no-cache
Date: Sat, 29 Oct 2022 11:08:07 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Origin: *
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/__imp_apg__/api/dip/v1/dip
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/__imp_apg__/api/dip/v1/dip
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /__imp_apg__/api/dip/v1/dip HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 2232
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813; _gcl_au=1.1.781461928.1667041683; _clck=1h4tsfc|1|f64|0; _ga=GA1.1.1042880397.1667041683; _gid=GA1.2.1082977905.1667041683; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667041683.1.0.1667041683.0.0.0; _ga=GA1.3.1042880397.1667041683; _gid=GA1.3.1082977905.1667041683; _gat_GSA_ENOR0=1; _rdt_uuid=1667041683578.b8a0465f-052e-4ef6-988d-c044313a46d5; mdLogger=false; kampyleUserSession=1667041683654; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _scid=eb6c99dd-f522-48a3-b0f0-605a491f9b10; _uetsid=f5ae49d0577911ed81b63df64802dd6d; _uetvid=f5ae8b20577911eda46f2b8158c23367; _fbp=fb.1.1667041684557.1805728544; _clsk=1wnu6zy|1667041684723|1|0|k.clarity.ms/collect; _pin_unauth=dWlkPU9EQm1aRE5rTWpJdE5XWmlaQzAwT1dNMkxUZ3pNR0l0TkdRMllqUXdNV0ptT0RjMw
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:07 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
k.clarity.ms/collect
20.96.88.162 204 No Content 0 B IP 20.96.88.162:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: k.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 943
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
access-control-allow-credentials: true
date: Sat, 29 Oct 2022 11:08:07 GMT
X-Firefox-Spdy: h2
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/__imp_apg__/api/imp/v1.0/report/?m&fq=load
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/__imp_apg__/api/imp/v1.0/report/?m&fq=load
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /__imp_apg__/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
content-type: text/plain;charset=UTF-8
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Content-Length: 940
Connection: keep-alive
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813; _gcl_au=1.1.781461928.1667041683; _clck=1h4tsfc|1|f64|0; _ga=GA1.1.1042880397.1667041683; _gid=GA1.2.1082977905.1667041683; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667041683.1.0.1667041683.0.0.0; _ga=GA1.3.1042880397.1667041683; _gid=GA1.3.1082977905.1667041683; _gat_GSA_ENOR0=1; _rdt_uuid=1667041683578.b8a0465f-052e-4ef6-988d-c044313a46d5; mdLogger=false; kampyleUserSession=1667041683654; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _scid=eb6c99dd-f522-48a3-b0f0-605a491f9b10; _uetsid=f5ae49d0577911ed81b63df64802dd6d; _uetvid=f5ae8b20577911eda46f2b8158c23367; _fbp=fb.1.1667041684557.1805728544; _clsk=1wnu6zy|1667041684723|1|0|k.clarity.ms/collect; _pin_unauth=dWlkPU9EQm1aRE5rTWpJdE5XWmlaQzAwT1dNMkxUZ3pNR0l0TkdRMllqUXdNV0ptT0RjMw; __ts_xfdF3__=510597125; _imp_apg_r_=%7B%22_fr%22%3A10000%7D
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:08 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/__imp_apg__/api/imp/v1.0/report/?x
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/__imp_apg__/api/imp/v1.0/report/?x
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /__imp_apg__/api/imp/v1.0/report/?x HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
content-type: text/plain;charset=UTF-8
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Content-Length: 488
Connection: keep-alive
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813; _gcl_au=1.1.781461928.1667041683; _clck=1h4tsfc|1|f64|0; _ga=GA1.1.1042880397.1667041683; _gid=GA1.2.1082977905.1667041683; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667041683.1.0.1667041683.0.0.0; _ga=GA1.3.1042880397.1667041683; _gid=GA1.3.1082977905.1667041683; _gat_GSA_ENOR0=1; _rdt_uuid=1667041683578.b8a0465f-052e-4ef6-988d-c044313a46d5; mdLogger=false; kampyleUserSession=1667041683654; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _scid=eb6c99dd-f522-48a3-b0f0-605a491f9b10; _uetsid=f5ae49d0577911ed81b63df64802dd6d; _uetvid=f5ae8b20577911eda46f2b8158c23367; _fbp=fb.1.1667041684557.1805728544; _clsk=1wnu6zy|1667041684723|1|0|k.clarity.ms/collect; _pin_unauth=dWlkPU9EQm1aRE5rTWpJdE5XWmlaQzAwT1dNMkxUZ3pNR0l0TkdRMllqUXdNV0ptT0RjMw; __ts_xfdF3__=917463845; _imp_apg_r_=%7B%22_fr%22%3A40404%7D
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 11:08:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
sc-static.net/js-sha256-v1.min.js
54.230.82.240 200 OK 0 B URL HTTP/2 sc-static.net/js-sha256-v1.min.js
IP 54.230.82.240:0
GET /js-sha256-v1.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 29 Oct 2022 01:30:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: Content-Type
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
etag: W/"68f2467c84878293c9ee497dbc99a17f"
cache-control: public, s-maxage=86400, max-age=600
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AMbk7Ex3fV4uTChLiMHEMiQmomBE7t2IzFCAXWVH0H3E7RFC-cs4LQ==
age: 34656
X-Firefox-Spdy: h2
verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/gtm.js
146.190.217.48 200 OK 0 B URL HTTP/1.1 verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/KNYGHT/1/gtm.js
IP 146.190.217.48:0
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/gtm.js HTTP/1.1
Host: verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verify-usps-rates-zipcode-dropoff-doortag.dns-stuff.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=9adfcf21e3e6c3762dcaffa2560d3813
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 11:08:04 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 595232
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript