upsexpressmails.com/services/international-trade/paperless-invoice.html
31.22.4.94 200 OK 18 kB URL HTTP/1.1 upsexpressmails.com/services/international-trade/paperless-invoice.html
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3776), with CRLF, LF line terminators
Hash 56b23dc89e072926fb5643b94d34df8b
64a4b187f387f89050f968064178ace63ed004f8
e1ee5bddb6b075db7f91f53d383cdca8db544a6aa3795b587702c595ebd1e126
Analyzer Verdict Alert openphish UPS
fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /services/international-trade/paperless-invoice.html HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 06 Nov 2021 03:46:44 GMT
Cache-Control: max-age=500, public, proxy-revalidate
Expires: Wed, 08 Feb 2023 13:39:06 GMT
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9988
Expires: Wed, 08 Feb 2023 16:17:15 GMT
Date: Wed, 08 Feb 2023 13:30:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4029
Expires: Wed, 08 Feb 2023 14:37:56 GMT
Date: Wed, 08 Feb 2023 13:30:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 12:34:13 GMT
content-type: application/json
age: 3394
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14290
Expires: Wed, 08 Feb 2023 17:28:57 GMT
Date: Wed, 08 Feb 2023 13:30:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7gv9eFmG+1WzL2lu1xZ1Of0vdLZOt4jtUOGdYaPQzfOOscbyCqsJOzLY8/lE4kYkw2zVTlyx91fbOYIAUJcmhg==
x-amz-request-id: WKQ32K659YFJ8YTN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 12:35:56 GMT
age: 3291
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
upsexpressmails.com/tags.tiqcdn.com/utag/ups/maestro/prod/utag.sync.js
31.22.4.94 404 Not Found 5.0 kB URL HTTP/1.1 upsexpressmails.com/tags.tiqcdn.com/utag/ups/maestro/prod/utag.sync.js
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 38bd2bcc805950debfbde51b1caf00f6
9bf82ad81b6d05a634db65e5107126572c89ddab
6de9ae3f5c17764eb196eac35c00ca6e2ebfe8ec73121473fcdc377331ade7e2
Analyzer Verdict Alert fortinet Phishing
GET /tags.tiqcdn.com/utag/ups/maestro/prod/utag.sync.js HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 08 Feb 2023 13:30:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 13:30:47 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
upsexpressmails.com/assets/resources/styles/ups.widgets.7e2315c2b219.css
31.22.4.94 200 OK 11 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/styles/ups.widgets.7e2315c2b219.css
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type ASCII text, with very long lines (65472)
Hash 07010bf711a416973ae19ad93e687729
07e69ebcb97eaaaa2274a2a2dd5cd1de8b9c294a
dd8ac53b82588f620325bd16c65ad35521063befbce466fa9a394ab0a2caa086
GET /assets/resources/styles/ups.widgets.7e2315c2b219.css HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 01 Oct 2021 11:16:08 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
Content-Encoding: gzip
upsexpressmails.com/assets/resources/scripts/vendor/modernizr.fce41f.js
31.22.4.94 200 OK 8.2 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/scripts/vendor/modernizr.fce41f.js
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type ASCII text, with very long lines (21213)
Hash 775e825fb126fae5d268ad87db3c6e91
ebd907786f63d6f177b3db9f40f8ba003eb766c4
3415c262590f2450402221b66506f1d00bc6323d4e1730e68e2ff276838f80c7
Analyzer Verdict Alert fortinet Phishing
GET /assets/resources/scripts/vendor/modernizr.fce41f.js HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Apr 2021 11:34:54 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
Content-Encoding: gzip
upsexpressmails.com/assets/resources/styles/ups.vendor.54f3c2d83b58.css
31.22.4.94 200 OK 27 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/styles/ups.vendor.54f3c2d83b58.css
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type ASCII text, with very long lines (65352)
Hash 91ddda1a1d1236ece61be5245969a50d
add39717bd4a124d30d6686e31ed3a3c622c51ab
35fdd6fa1235dbeb98ea3721f3f544fa7b7c9098a2e9df4bedce8d0b226e7926
GET /assets/resources/styles/ups.vendor.54f3c2d83b58.css HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 28 Aug 2019 11:06:04 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
Content-Encoding: gzip
upsexpressmails.com/assets/resources/scripts/vendor/ups.vendor.55f92d.js
31.22.4.94 200 OK 153 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/scripts/vendor/ups.vendor.55f92d.js
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type ASCII text, with very long lines (31994)
Size 153 kB (153066 bytes)
Hash 9c74c339694db17720bfe1f3369789a4
4ed34f82ad8f07d33405b92cc194e3529943dd2f
0e0835517046cd03261df944a16dea7611af3257c625fa5081ef8292ca9b70e7
Analyzer Verdict Alert fortinet Phishing
GET /assets/resources/scripts/vendor/ups.vendor.55f92d.js HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Apr 2021 11:34:54 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:46 GMT
Content-Encoding: gzip
upsexpressmails.com/ups.inq.com/chatskins/launch/inqChatLaunch10005649.js
31.22.4.94 404 Not Found 5.0 kB URL HTTP/1.1 upsexpressmails.com/ups.inq.com/chatskins/launch/inqChatLaunch10005649.js
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 1eef23564e22e372cf34a07273ab1ed4
a78e3555b05255838b482d26d05da4910fb8cfcc
2bcd7ec8be017febbbc7573b53376a773b506c2a3c77372847ba40211f09dada
Analyzer Verdict Alert fortinet Phishing
GET /ups.inq.com/chatskins/launch/inqChatLaunch10005649.js HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
upsexpressmails.com/tags.tiqcdn.com/utag/ups/maestro/prod/utag.js
31.22.4.94 404 Not Found 5.0 kB URL HTTP/1.1 upsexpressmails.com/tags.tiqcdn.com/utag/ups/maestro/prod/utag.js
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash af77f175e172e380f7997766d8cee422
b0623f6b1af3cb680815f6acde21f8dbf85c82f8
285fab917a0148145f28edc537376e3ee92fa5eb1c2508a1e5e8d19f9ff75a63
Analyzer Verdict Alert fortinet Phishing
GET /tags.tiqcdn.com/utag/ups/maestro/prod/utag.js HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
upsexpressmails.com/assets/resources/styles/ups.styles.3509ad1c4e49.css
31.22.4.94 200 OK 107 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/styles/ups.styles.3509ad1c4e49.css
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type ASCII text, with very long lines (65472)
Size 107 kB (106979 bytes)
Hash 39ac5ce883f22c0358722588665733da
22888b12d1e5861d5c228f1a99974eb738eaa2bd
0e88d945a129e65fea38f66b153f6283693b1d2ab92173917df9fafdbdd63dcf
GET /assets/resources/styles/ups.styles.3509ad1c4e49.css HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 01 Oct 2021 11:16:08 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
Content-Encoding: gzip
upsexpressmails.com/assets/resources/styles/ups.modules.8f244af02293.css
31.22.4.94 200 OK 110 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/styles/ups.modules.8f244af02293.css
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type ASCII text, with very long lines (65472)
Size 110 kB (109854 bytes)
Hash 669d9f0fe1230a7d8fab24cf99d8454a
0405bbd0f0ccd9a7f3814424aabf47ea6d1f1a7a
5524439c320ebdb94a104e90a0a973e7d94ecede4ff00d435d624117f246f911
GET /assets/resources/styles/ups.modules.8f244af02293.css HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 29 Oct 2021 11:38:58 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
Content-Encoding: gzip
upsexpressmails.com/assets/resources/scripts/ups.scripts.074583.js
31.22.4.94 200 OK 94 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/scripts/ups.scripts.074583.js
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type ASCII text, with very long lines (31980)
Hash f33a5db81a109c3cdafe2e452fc81a0f
dafe124ba201bfadba899a8fd067055f78409795
b44eff7277f6e18e110f5917869165e7f6b164c4f84541a002bc9389c7fa7d20
Analyzer Verdict Alert fortinet Phishing
GET /assets/resources/scripts/ups.scripts.074583.js HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 14 Oct 2021 11:43:38 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
Content-Encoding: gzip
upsexpressmails.com/img/icp.gif
31.22.4.94 200 OK 43 B URL HTTP/1.1 upsexpressmails.com/img/icp.gif
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /img/icp.gif HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Thu, 30 Apr 2015 05:29:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
upsexpressmails.com/assets/resources/images/369x276/m15-international-trade-paperless-invoice.jpg
31.22.4.94 200 OK 25 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/images/369x276/m15-international-trade-paperless-invoice.jpg
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash e40e6a86adc4535de26f012d42540e0a
e5cb541e13e0ddef9d970870cce282be5971151f
18a4a19e0b421a378b5b707ef828caef31d7b2ff04f2287ee5e7b0eb90957c2c
GET /assets/resources/images/369x276/m15-international-trade-paperless-invoice.jpg HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: image/jpeg
Content-Length: 24880
Connection: keep-alive
Last-Modified: Thu, 17 Sep 2020 23:10:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
upsexpressmails.com/assets/resources/images/1600x1000/m4-target-df7-16x6-access-point-logistics.jpg
31.22.4.94 200 OK 237 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/images/1600x1000/m4-target-df7-16x6-access-point-logistics.jpg
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 1600x1000, components 3\012- data
Size 237 kB (237082 bytes)
Hash c541b2c8d8b033a42c8df3b92118562a
0564a0e5fd84208a204e6c0c94df8a4f1bafa5ea
52f8074e0e92a741a0c7b33c9dd837b13439f339c976c8a645a906c5f7f6bdec
GET /assets/resources/images/1600x1000/m4-target-df7-16x6-access-point-logistics.jpg HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: image/jpeg
Content-Length: 237082
Connection: keep-alive
Last-Modified: Wed, 17 Mar 2021 00:28:50 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
upsexpressmails.com/assets/resources/images/1600x1000/m4-target-df3-16x6-business-solutions-default.jpg
31.22.4.94 200 OK 173 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/images/1600x1000/m4-target-df3-16x6-business-solutions-default.jpg
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 1600x1000, components 3\012- data
Size 173 kB (172559 bytes)
Hash e240ad39a3ece1da419e7fe8a9f909cf
9ac9284e32d10796e51f20570599e9ee1f0f8b01
b56ce1238d152bc9b7cb08d5b3250f401fdc2b7faf537dcc498e94261191e024
GET /assets/resources/images/1600x1000/m4-target-df3-16x6-business-solutions-default.jpg HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: image/jpeg
Content-Length: 172559
Connection: keep-alive
Last-Modified: Mon, 09 Mar 2020 15:11:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
upsexpressmails.com/ups.inq.com/chatskins/launch/inqChatLaunch10005649.js
31.22.4.94 404 Not Found 5.0 kB URL HTTP/1.1 upsexpressmails.com/ups.inq.com/chatskins/launch/inqChatLaunch10005649.js
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 1eef23564e22e372cf34a07273ab1ed4
a78e3555b05255838b482d26d05da4910fb8cfcc
2bcd7ec8be017febbbc7573b53376a773b506c2a3c77372847ba40211f09dada
Analyzer Verdict Alert fortinet Phishing
GET /ups.inq.com/chatskins/launch/inqChatLaunch10005649.js HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 13:14:52 GMT
age: 956
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
upsexpressmails.com/assets/resources/images/social_spritesheet.png
31.22.4.94 200 OK 2.9 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/images/social_spritesheet.png
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c12dea2142de71da1758376e9db7d13
9235ee896750b73a5b6206126f558ab61d023a11
e167e6801708cc6ba53214411a023a8ca109672fa49c328d4fbf3f1cf71f2f68
GET /assets/resources/images/social_spritesheet.png HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/assets/resources/styles/ups.modules.8f244af02293.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: image/png
Content-Length: 2916
Connection: keep-alive
Last-Modified: Tue, 12 Oct 2021 18:19:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
upsexpressmails.com/assets/resources/images/social.jpg
31.22.4.94 200 OK 1.3 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/images/social.jpg
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 20x120, components 3\012- data
Hash aabe824347f4d8d979ba553e7e9342d8
034d4e15cb9b3718b9dd152ff86578accd88a20d
32daabfa4ca4b32e74b3dde69eda9dc7d580ea622dfe6284ceb84930bdd973cc
GET /assets/resources/images/social.jpg HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/assets/resources/styles/ups.modules.8f244af02293.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: image/jpeg
Content-Length: 1254
Connection: keep-alive
Last-Modified: Sun, 10 Oct 2021 05:17:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:47 GMT
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6059
Expires: Wed, 08 Feb 2023 15:11:47 GMT
Date: Wed, 08 Feb 2023 13:30:48 GMT
Connection: keep-alive
upsexpressmails.com/assets/resources/styles/fonts/Roboto-Regular.woff
31.22.4.94 200 OK 94 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/styles/fonts/Roboto-Regular.woff
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type Web Open Font Format, TrueType, length 93784, version 2.137\012- data
Hash 1cfd1aa3b4fe4bba10c132acea9985af
4edccc73318b8d3f6dee84f934063ea52644ed0f
c511a38838f14cd23a3e2a7c7c9b7f2864a2a6b9e548053bb71b432a677966e2
Analyzer Verdict Alert fortinet Phishing
GET /assets/resources/styles/fonts/Roboto-Regular.woff HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://upsexpressmails.com/assets/resources/styles/ups.styles.3509ad1c4e49.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: font/woff
Content-Length: 93784
Connection: keep-alive
Last-Modified: Fri, 01 Oct 2021 11:46:42 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Wed, 08 Feb 2023 13:30:47 GMT
upsexpressmails.com/assets/resources/styles/fonts/Roboto-Italic.woff
31.22.4.94 200 OK 99 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/styles/fonts/Roboto-Italic.woff
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type Web Open Font Format, TrueType, length 99428, version 2.137\012- data
Hash 19d74268080cd687290602043c6ab196
9f16fac0f977e9a05cdb4bf0e11ef451452a325b
a3ebbe5cccfbabf1e67669b3dc6dc3792f55cf0153bc6f99a39a8d6328c24b98
Analyzer Verdict Alert fortinet Phishing
GET /assets/resources/styles/fonts/Roboto-Italic.woff HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://upsexpressmails.com/assets/resources/styles/ups.styles.3509ad1c4e49.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: font/woff
Content-Length: 99428
Connection: keep-alive
Last-Modified: Fri, 01 Oct 2021 11:46:42 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Wed, 08 Feb 2023 13:30:47 GMT
s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
23.38.200.138 200 OK 50 kB URL HTTP/2 s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
IP 23.38.200.138:0
File type C source, ASCII text, with very long lines (65103)
Hash 8991c3ec80ec8fbc41382a55679e3911
8cc8cee91d671038acd9e3ae611517d6801b0909
f55bacd4a20fef96f5c736a912d1947be85c268df18003395e511c1e860e8800
GET /boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3 HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://upsexpressmails.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Mon, 09 Jan 2023 13:54:18 GMT
timing-allow-origin: *
vary: Accept-Encoding
content-length: 50393
date: Wed, 08 Feb 2023 13:30:48 GMT
X-Firefox-Spdy: h2
upsexpressmails.com/assets/resources/styles/fonts/Roboto-Light.woff
31.22.4.94 200 OK 94 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/styles/fonts/Roboto-Light.woff
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type Web Open Font Format, TrueType, length 93472, version 2.137\012- data
Hash 056dc044ac904ef5b895e0dc8ebf4154
98ad1243eb3adc491f0814015f4bd9741891adde
c578b41854a095f3a7abc3f5413977d05e4e01239225ed53eb23e8c72cc19c5c
Analyzer Verdict Alert fortinet Phishing
GET /assets/resources/styles/fonts/Roboto-Light.woff HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://upsexpressmails.com/assets/resources/styles/ups.styles.3509ad1c4e49.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: font/woff
Content-Length: 93472
Connection: keep-alive
Last-Modified: Fri, 01 Oct 2021 13:03:04 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Wed, 08 Feb 2023 13:30:47 GMT
upsexpressmails.com/assets/resources/styles/fonts/Roboto-Medium.woff
31.22.4.94 200 OK 94 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/styles/fonts/Roboto-Medium.woff
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type Web Open Font Format, TrueType, length 94364, version 2.137\012- data
Hash 7350337b673e86f2d62ee0eb5761e1e2
eb11f6c75c34069217cc1692d00e8ac3945c8a3d
4f543ad26c42709ef00a1921f7dd1aa27a1930a354ecb353196665e43dac3706
Analyzer Verdict Alert fortinet Phishing
GET /assets/resources/styles/fonts/Roboto-Medium.woff HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://upsexpressmails.com/assets/resources/styles/ups.styles.3509ad1c4e49.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: font/woff
Content-Length: 94364
Connection: keep-alive
Last-Modified: Fri, 01 Oct 2021 11:46:42 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Wed, 08 Feb 2023 13:30:47 GMT
upsexpressmails.com/assets/resources/styles/fonts/Roboto-MediumItalic.woff
31.22.4.94 200 OK 101 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/styles/fonts/Roboto-MediumItalic.woff
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type Web Open Font Format, TrueType, length 101008, version 2.137\012- data
Size 101 kB (101008 bytes)
Hash b839b74a5ee74b0a9cd32086eab9895c
11d5f2116176fcf72ce777d179514f58a7f2fa2d
91de49a08e15d9140557f6840f33512447e58dc8b4819a3a77e04792ba5d07db
Analyzer Verdict Alert fortinet Phishing
GET /assets/resources/styles/fonts/Roboto-MediumItalic.woff HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://upsexpressmails.com/assets/resources/styles/ups.styles.3509ad1c4e49.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:47 GMT
Content-Type: font/woff
Content-Length: 101008
Connection: keep-alive
Last-Modified: Wed, 06 Oct 2021 03:23:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Wed, 08 Feb 2023 13:30:47 GMT
push.services.mozilla.com/
52.89.255.30 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZDkv9TS9rtgMm1+4bO+qqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mzDBXRYMLn7Mg/F319nLXypdtpI=
c.go-mpulse.net/api/config.json?key=TADEN-6MDCS-UHH5M-YHPKQ-2GBH3&d=upsexpressmails.com&t=5586210&v=1.720.0&if=&sl=0&si=36ac35f1-ea5d-4837-9659-9c32dbb2de96-rprk8u&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=265833
23.38.200.138 403 Forbidden 108 B URL HTTP/1.1 c.go-mpulse.net/api/config.json?key=TADEN-6MDCS-UHH5M-YHPKQ-2GBH3&d=upsexpressmails.com&t=5586210&v=1.720.0&if=&sl=0&si=36ac35f1-ea5d-4837-9659-9c32dbb2de96-rprk8u&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=265833
IP 23.38.200.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7e7987d07afa8f13c5dafbe331ad48e5
340506c8fd9e159b12ae8f224a74dee796b88893
e8a07823dcde5b0071b12ddf2fa0d94aa8274d81a2b05b8492eb4312d97934bf
GET /api/config.json?key=TADEN-6MDCS-UHH5M-YHPKQ-2GBH3&d=upsexpressmails.com&t=5586210&v=1.720.0&if=&sl=0&si=36ac35f1-ea5d-4837-9659-9c32dbb2de96-rprk8u&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=265833 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://upsexpressmails.com
Connection: keep-alive
Referer: http://upsexpressmails.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Content-Length: 108
Date: Wed, 08 Feb 2023 13:30:48 GMT
Connection: keep-alive
Content-Type: application/json
www.ups.com/DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB
23.38.201.152 200 OK 73 kB URL HTTP/2 www.ups.com/DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB
IP 23.38.201.152:0
Hash c6dd15c3ee5a4bcd9d8e8a0c3d52fd41
ebba299bae409a0681ee4e00cc72c1458f73e049
ead22de7b5e9317ca777f867211c757f63e6efee96eab3baa6f9126e39a78659
GET /DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://upsexpressmails.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 18:21:50 GMT
etag: "c065b170d98e55180d9d0ec22203687e78580f5a9c71964c6b1b97f01595bfe0"
content-type: application/javascript
content-encoding: gzip
content-length: 72934
date: Wed, 08 Feb 2023 13:30:49 GMT
vary: Accept-Encoding
expires: 0
cache-control: no-cache, no-store, must-revalidate
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="465517_388255527_1242558372_29_3901_1_0";dur=1
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
set-cookie: _abck=79B7B31EF8824C30CEBCFA3A7263E2AA~-1~YAAQJ08kFxZQIieGAQAAJ8Q4MQmd8unWpyPFJz1hbdhygQFyMxzk4fuG7Lm5gZ505kvT5sHXkKInYX4aFuRlXHSQ4rAXEdrMJUH/X/9K/iNsUSpPIx5jpYnPvP70GWZLEMIfv5vXxT3eIqO2/rwr01wnQ/ds1yAfdXsSY8RpKhm8HXnWdayVtLLExk3Kw8QvNMtpzlXCKg4ERkqYucnqnk1hs0V6rynL4Tope/7bBOp+nM7YUfh4MRlLx19lXeuNb/zr0Ek/ZmXBlWsJTwvuwCVjDmGNvMZRLwggb9JC39a0e7qxEaF4l53x7i0YCGCsiuyapAQe7BDEzXEqBcX7rqMI1IdAuAd9kL3GSraD1eSsJY9P52WWh/AE~-1~-1~1675866548; Domain=.ups.com; Path=/; Expires=Thu, 08 Feb 2024 13:30:49 GMT; Max-Age=31536000; Secure
bm_sz=CBE982DC2D10342F7996F3795ADF704A~YAAQJ08kFxdQIieGAQAAJ8Q4MRIHE65+T+rp7auJsQx8l7c1DNwVwtxYh9tAjto+JPMKT3YeBd9gU3j28bjeRg8Cg2TkfGsHrB+EzQr6ku0aPYUxtzuSRp4V7nQR0QH4L2Ay3QfL/1QqFZAbtWLQocWuYraJXTsNcyaj6ozxCqk8c82as+Fxo4Goc/bSbAjE7tIDEAs8gmZshGPRphNfnC/gcHg9sG09k0q8qi1GiMiJOQRXXnDH3W7mdDpwE7DhVBwF8CdR3r2WhpJIxIsnXyMyAwCY+KcT5tsbZOMhXq0=~4469569~3556913; Domain=.ups.com; Path=/; Expires=Wed, 08 Feb 2023 17:30:49 GMT; Max-Age=14400
X-Firefox-Spdy: h2
www.ups.com/assets/resources/images/UPS_logo.svg
23.38.201.152 200 OK 1.1 kB URL HTTP/2 www.ups.com/assets/resources/images/UPS_logo.svg
IP 23.38.201.152:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2162), with no line terminators
Hash 849a64e3cfc9bd0836d231c06d7cc6d8
7bafabde4eadb7df3ea41496eaa2d65cc9e87e18
4d1179bcf986517d857c727b5d0e98acef24cba72b9eeba59309c4631e1aa75d
GET /assets/resources/images/UPS_logo.svg HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://upsexpressmails.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 04:54:15 GMT
referrer-policy: same-origin
server: Akamai Resource Optimizer
content-length: 1086
expires: Wed, 08 Feb 2023 13:30:49 GMT
pragma: no-cache
date: Wed, 08 Feb 2023 13:30:49 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="465517_388255527_1242558373_25_6735_0_0";dur=1
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache="Set-Cookie"
X-Firefox-Spdy: h2
www.ups.com/DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB
23.38.201.152 201 Created 18 B URL HTTP/2 www.ups.com/DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB
IP 23.38.201.152:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
POST /DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2019
Origin: http://upsexpressmails.com
Connection: keep-alive
Referer: http://upsexpressmails.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-length: 18
date: Wed, 08 Feb 2023 13:30:49 GMT
content-type: application/json
server-timing: edge; dur=1, origin; dur=4, cdn-cache; desc=MISS, ak_p; desc="465517_388255527_1242559249_582_4446_5_0";dur=1
x-akam-sw-version: 0.5.0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
set-cookie: _abck=4CEC62C40B096380C9492345D2F66168~-1~YAAQJ08kFxpQIieGAQAAmsQ4MQmks5n/+KITb7Ngb8HhZCmWagoyaDyCn6RUmvteYTvK2661ROdQNQicA7Cn+khIT5np+mOkdn/3dMAaacqfhGEUW2USKggaEhB5XrrkGb63w7US9ZPA6n0a4GHjU0qIVKt5DZjEiwdBJ2LiJ4O910OW+q3VKfPvtTlsTlg4tT1FnGB7eb6D+wWpscrmtnuva0NodWUyXd1wNtYHAhbn+xEJKAJEuWHkhsd52i6Dtva50LpR1+GqZrlYu6aUIf2Bv8RyO9nJHpypwETByLPFRsLk9dGFNbMy3JSoR3LoDT2CkmtKSrRPQmT2Yu4VOXEoGJBzVS6hybsljkhxc9ycPc9qR1nWvtKG~-1~-1~1675866600; Domain=.ups.com; Path=/; Expires=Thu, 08 Feb 2024 13:30:49 GMT; Max-Age=31536000; Secure
bm_sz=202ED4BFE1C10823EA9E1406732A1A05~YAAQJ08kFxtQIieGAQAAmsQ4MRI3HFyHJ0ItMjVJw/qBX491fku+q/ouoMIDKxUALDNtbAGTQJA8kw5RLaNidF3uteQzk291Mgjv1c88xbFE8c6p/NMHEva4napOZOkRbPHYG6tBL3tKthrVJ/PBr7tZt6oo70uLOTcli+Sl8m9E8ztabOe3uIbJAtyqBtU16jwu5Y3hIbvWBD1tglSGUszdo253u+7k9QLswsD6nJjVD8MMYvQCmFPAQG0LUH4RItorhidyz3M55miIe1Lkdhg76HWFCUGAm1lBJR8UBvw=~4469569~3556913; Domain=.ups.com; Path=/; Expires=Wed, 08 Feb 2023 17:30:49 GMT; Max-Age=14400
X-Firefox-Spdy: h2
upsexpressmails.com/assets/resources/images/768x432/m4-target-df3-16x4-business-solutions-default.jpg
31.22.4.94 200 OK 58 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/images/768x432/m4-target-df3-16x4-business-solutions-default.jpg
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x432, components 3\012- data
Hash b2fee23eebd4e9c9790796c493960be9
2f2cddae6117cb98e3ffc34bd4325f9e7bad0845
791c3257d0723b9ab0d632f63b935f91fbeb6d1b8f07403711905aa78bc36f93
GET /assets/resources/images/768x432/m4-target-df3-16x4-business-solutions-default.jpg HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:48 GMT
Content-Type: image/jpeg
Content-Length: 57679
Connection: keep-alive
Last-Modified: Sat, 19 Sep 2020 11:50:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:48 GMT
upsexpressmails.com/assets/resources/styles/images/jquery-ui/ui-bg_highlight-soft_100_eeeeee_1x100.gif
31.22.4.94 200 OK 73 B URL HTTP/1.1 upsexpressmails.com/assets/resources/styles/images/jquery-ui/ui-bg_highlight-soft_100_eeeeee_1x100.gif
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type GIF image data, version 89a, 1 x 100\012- data
Hash cc7201eb981a77a899b9c65e8185ec2b
2281ce4dc851c0bdebee2d61a284098feb5ed52e
946ec2bfe056dd34e736e2ae9c9041290fc42e7b1e9788fde3a54e32c1aa8ea1
GET /assets/resources/styles/images/jquery-ui/ui-bg_highlight-soft_100_eeeeee_1x100.gif HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/assets/resources/styles/ups.vendor.54f3c2d83b58.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:48 GMT
Content-Type: image/gif
Content-Length: 73
Connection: keep-alive
Last-Modified: Wed, 16 Jun 2021 10:16:30 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:48 GMT
upsexpressmails.com/favicon.ico
31.22.4.94 404 Not Found 4.9 kB URL HTTP/1.1 upsexpressmails.com/favicon.ico
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash c922efa07f89268c7c3792ef2c085226
038df7c81409eca3749b77a0cb9e79bb8bb9b2cf
fad56aafd00b8e46b307d51bb66125eeabd001e5e40f0ea407757f2b11f3d8b5
GET /favicon.ico HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 08 Feb 2023 13:30:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
upsexpressmails.com/assets/resources/images/768x432/m4-target-df7-16x4-access-point-logistics.jpg
31.22.4.94 200 OK 78 kB URL HTTP/1.1 upsexpressmails.com/assets/resources/images/768x432/m4-target-df7-16x4-access-point-logistics.jpg
IP 31.22.4.94:0
ASN #34119 Wildcard UK Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x432, components 3\012- data
Hash 67f974e0e4f459412a8070346f2822c6
cbc886063c5529748c2901c4d081f78e34731cb2
b37659cae9cd39bab06dffdf0fbeed54fa16d26c3498ed5ab532a12ba5e494a1
GET /assets/resources/images/768x432/m4-target-df7-16x4-access-point-logistics.jpg HTTP/1.1
Host: upsexpressmails.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://upsexpressmails.com/services/international-trade/paperless-invoice.html
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 13:30:48 GMT
Content-Type: image/jpeg
Content-Length: 77988
Connection: keep-alive
Last-Modified: Fri, 16 Jul 2021 03:18:50 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Fri, 10 Mar 2023 13:30:48 GMT
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10372
Expires: Wed, 08 Feb 2023 16:23:41 GMT
Date: Wed, 08 Feb 2023 13:30:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qYXu_I4vL00EOopA1nQcxCTMKf4nObKFk9XQozhw6FezKsfTDem3Mw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:35 GMT
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
age: 55454
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 845e4e4051f1162b20d3df5f208e8d3e
076462f67531c60b31ec768a275c96317292306d
40996d8929ab92f342328fc018518d6131c6222b0ec23051775eda276a602026
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4168
x-amzn-requestid: 24814225-0063-49fb-86ff-e78869538b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjQFS_IAMFtLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-67307c42182089b3096e98b5;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qLuHdYthPTS7qoVjS783M1Q-RtOluQpKozCi-zABez133FyvgBsBog==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:43:37 GMT
age: 56832
etag: "076462f67531c60b31ec768a275c96317292306d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2bf626b824fefec1ecaceb9243f2e5ec
f222976d76d889a0cd767bfd73075ee114c531ce
3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECAdRS7as57pL15HxK4Ep0YOho8Kba8RFhMVnXGdJuKYItQHNf2yHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 56195
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oDXgginig1GJvV9QIPvDGVumNDnOrBbrGRZSqyJ_NDRUX4XP5jxHxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:03:47 GMT
age: 55622
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbe359ce6fb136add75c8f3d3cc06330
e6584afcf39b6fad21eccbcce95c6645b8e1b3b8
29478bf1b8168dc457bb7d298448a78e1040bd3aa80cbf11cfa37475568590d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8170
x-amzn-requestid: d1ddb47f-3472-4015-8d55-72f435671f03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSPHiroAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070da-114975440d70915472cdba2f;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0w6JgtsKSRHLPJ3LyY6YUI8N7PS-gVlLuivQUq9jdyeYYm3STiJJIQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:34:33 GMT
age: 32176
etag: "e6584afcf39b6fad21eccbcce95c6645b8e1b3b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81DTnHIh40lNEi6l5hC87Vo9R8k4w79Fr71zibyvGP0iJm4kmhWITA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 07:53:36 GMT
age: 20233
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ups.com/DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB
23.38.201.152 201 Created 18 B URL HTTP/2 www.ups.com/DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB
IP 23.38.201.152:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
POST /DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2561
Origin: http://upsexpressmails.com
Connection: keep-alive
Referer: http://upsexpressmails.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-length: 18
date: Wed, 08 Feb 2023 13:30:49 GMT
content-type: application/json
server-timing: edge; dur=2, origin; dur=12, cdn-cache; desc=MISS, ak_p; desc="465517_388255527_1242564032_1417_3663_4_0";dur=1
x-akam-sw-version: 0.5.0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
set-cookie: _abck=DF5208A1ECACE64EBDA8049EBB659521~-1~YAAQJ08kFyZQIieGAQAAvcY4MQkLSUS1k6vtJIImYNkyN1bTtrWmYw0Gk2tDuWJlE4pIX36O7ukgzpvEnc+N/Nf10Z8EFSGGlUvpNauwr+jreRGc1A2Qva9KcnNBYfMqM4h2E1iTj46BRw7ptQUAq3uN+1IVLO29Fg9Ep6GLIOsLqRk617j7+EyzpnDCPKhNRgLBp7pKxMmDV+fKYFNI/5QDiljaRrPaPyQNgQxlM/+DlqjcDgK7sdzV0X3tgkHbkIcbIx38FerEaFKEQ9b0+pD5rmsE3tnawo8VzmS+qZp01X5roeXs65xJeWkr0AeQKYP2yOccW0EwMaaN5BddG6YIIizjev+Osg6qcNG9SeOPCJ0mb8dF3MYr~-1~-1~1675866580; Domain=.ups.com; Path=/; Expires=Thu, 08 Feb 2024 13:30:49 GMT; Max-Age=31536000; Secure
bm_sz=208766F9D2F9FD010481EC685E87C5ED~YAAQJ08kFydQIieGAQAAvcY4MRIeKinvKjlX2rOAs946mnq2hA2nNzKSxN+vI0uGauQsAJLKCuI/HWkrxSnHQSqzSSi2QTacDTwBEEdz6C2cgyKCMBEOQCXAgBeH80KODb1hd7p16gyiIXGdgsjF+cB4LlBbkUyLZVfnKXVIxihCFwz6lCtndHuDi7YaWVtKlxYSDoUkJJVC8SzlyVxMmuM0l0y4Fxj8aKxiREnFFlpRxhB0Trl1pG6eDYU06KyUyPex+qC0i1GVJ9Nshrow3v9WNqkUFgPaUdRNsWZy9ps=~4469569~3556913; Domain=.ups.com; Path=/; Expires=Wed, 08 Feb 2023 17:30:49 GMT; Max-Age=14400
X-Firefox-Spdy: h2
www.ups.com/DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB
23.38.201.152 201 Created 18 B URL HTTP/2 www.ups.com/DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB
IP 23.38.201.152:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
POST /DUN3AqOet6/fG/qauzHUux/DYp7pwfkE1Sa/NF0eYBMRMgs/azdAayg/ySTwB HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3065
Origin: http://upsexpressmails.com
Connection: keep-alive
Referer: http://upsexpressmails.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-length: 18
date: Wed, 08 Feb 2023 13:30:50 GMT
content-type: application/json
server-timing: edge; dur=3, origin; dur=20, cdn-cache; desc=MISS, ak_p; desc="465517_388255527_1242568458_2339_3249_2_0";dur=1
x-akam-sw-version: 0.5.0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
set-cookie: _abck=26B98FDADF9AB22FE639DD630D89AE8A~-1~YAAQJ08kFytQIieGAQAArsg4MQmSTz2gIB9CM7TxsUZRKVVWHXxJJ54v8Q/M0Mag5R2kCU2VP3MCBm/NpQFW9zuCtBhE7CV97AsTwTXX5hjfpg8ozZjGhKpv7vXmjTp6iO7hovoJwvOLAh3D6d0AWhgV1iy6pvCjfGwQgkPT+II1rxoHqBM61cRix1cFj9tfBOwm/eRNQm+94cj0pQvD0G9lrMCXRpJhZmiVF0bCPMQq4fNIwivP7z092Ml1CbHwmmg0vsqq2kx6fuD55oCeFkUfO0zZ+rpMdysZgv5n10O9WUluQG8biiNKs4lj7aigTxTjIbKWC/1abj4BNL2RTd8H3b9TJ43w4gnU+A2D7vWGP6hFqS3gzIlC~-1~-1~1675866563; Domain=.ups.com; Path=/; Expires=Thu, 08 Feb 2024 13:30:50 GMT; Max-Age=31536000; Secure
bm_sz=F9F4653D5B3773EAAB2C6811FA93501D~YAAQJ08kFyxQIieGAQAArsg4MRKCYNbGgaQ6jU+UqUEytIonQ6UjGRL5fv9vJNZS4Cl3xZ8/0NrYV8YZTBC9S4Vn43YNxtx/m25lLixWByOF4UzSuTRxbdGKQHwuQQPDn3ZwdBeJ/7gMRYcchqkS4PPcfYEk6tFtbsM4xUjDVV6sXTHJ/W7wdddtPdMuKOfLvmd35b/1RncLr5h9Dy/frEKE74ROFDrVNUqMajeXi5yb8CUcOl6gc0LaZINeniz6nCMV30X7vJg1jRj4j0zSecHzHciITmMu00txW/2pLT8=~3491380~3159090; Domain=.ups.com; Path=/; Expires=Wed, 08 Feb 2023 17:30:50 GMT; Max-Age=14400
X-Firefox-Spdy: h2