r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82788b8b26eeba7f492106ea47729bbb
823b2d3c336d11064a6b809057bed46bb65a7969
7671d088ba1420ffa01dbd63c5f7ab28d52d3591bc04c4cc182d1f9e64a7f2f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7671D088BA1420FFA01DBD63C5F7AB28D52D3591BC04C4CC182D1F9E64A7F2F8"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5798
Expires: Sat, 29 Oct 2022 08:36:29 GMT
Date: Sat, 29 Oct 2022 06:59:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 922281894182eba1fc67c2d8678e3238
e169209341b09bf4f14ebb3fc7c07b03f2121bf1
37516083f7655af68d7e426efca6f9f3709a80318ac7bb8cc492c183916141b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6230
Cache-Control: max-age=101706
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:51 GMT
Etag: "635ba15b-1d7"
Expires: Sun, 30 Oct 2022 11:14:57 GMT
Last-Modified: Fri, 28 Oct 2022 09:31:07 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 922281894182eba1fc67c2d8678e3238
e169209341b09bf4f14ebb3fc7c07b03f2121bf1
37516083f7655af68d7e426efca6f9f3709a80318ac7bb8cc492c183916141b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5803
Cache-Control: max-age=101279
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:51 GMT
Etag: "635ba15b-1d7"
Expires: Sun, 30 Oct 2022 11:07:50 GMT
Last-Modified: Fri, 28 Oct 2022 09:31:07 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42d84e61e6aa4d3cce623adccfafc3e2
0dba69e98be53c153a6726ff934b2d55feb20d75
2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03"
Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2183
Expires: Sat, 29 Oct 2022 07:36:14 GMT
Date: Sat, 29 Oct 2022 06:59:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UY49XjwNAVIqKGJuoZJ2QIw0/xEk2vy1y0eRaOGJx+dzw2j/zR0uaqnlFq8vubTG1Q8jZMSw2yY=
x-amz-request-id: QBK0Z7RHPZSKCNJ0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 29 Oct 2022 06:10:34 GMT
age: 2957
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 29 Oct 2022 06:59:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
usps-postage-mail-forwarding-receiving-parcel.zyns.com/
146.190.217.48 302 Found 0 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/
IP 146.190.217.48:0
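Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these are the digests of zero-length input, consistent with the 0 B body of this 302 response; they match any empty response and identify no content, so they are not usable as indicators.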
Analyzer Verdict Alert urlquery DynDNS domain detected
GET / HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 29 Oct 2022 06:59:51 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; path=/
Location: USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6b7c0ce49b8ebb90707ec439581bc979
1affe02f362f59f8acaaa2cc16185fc2942a82cf
99057099a66b378f0825443f175ad6f84a9f69c0abb8f8db546eb348de4facb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6485
Cache-Control: max-age=96901
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:52 GMT
Etag: "635b8d98-1d7"
Expires: Sun, 30 Oct 2022 09:54:53 GMT
Last-Modified: Fri, 28 Oct 2022 08:06:48 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/usps-fonts.css
146.190.217.48 200 OK 3.3 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/usps-fonts.css
IP 146.190.217.48:0
File type CSV text, ASCII text, with very long lines (548)
Hash ff5f1d5d8680597b16dec4776536ab4b
f008371165d6a1c6a792347ecee106d8ba81a6f2
105e974d53f06bd2dab2baaa2e8da20812ec7d132fd0e86bb27e16b8238cf457
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/usps-fonts.css HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 3271
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/bootstrap-sticky-footer.css
146.190.217.48 200 OK 137 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/bootstrap-sticky-footer.css
IP 146.190.217.48:0
File type ASCII text, with no line terminators
Hash 46ca0541d17fb74860b13bddfb40dd53
e5f10c720b7556798ace107f6ca704241676460c
bb0e5cffa99e8c888c9acd59e3f6e929ff885f7e255b1af639f5d49dc61e2b32
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bootstrap-sticky-footer.css HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 137
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
52.39.126.109 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.126.109:0
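Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these are the digests of zero-length input, consistent with the 0 B body of this 101 response; they match any empty response and identify no content, so they are not usable as indicators.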
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /0YNUp29A2ZoKgC+VvtvjQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZNrBfa0lnh1uWWmz+Z3sXc5W+c4=
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/21006064.js
146.190.217.48 200 OK 1.7 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/21006064.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1735), with no line terminators
Hash 9bf57e26660b2aa5d23477b533c74fd7
0f6ad66b400f01e1e32f2d586e5b60476e3dfa91
518d16ac02487f5e18c5f301e9ff50976c1bf458e3c416e380fc3c73f6667e9c
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/21006064.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1735
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/theme.css
146.190.217.48 200 OK 43 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/theme.css
IP 146.190.217.48:0
File type ASCII text, with very long lines (1137)
Hash 92225defe6c529ac9742889e6ee9d36c
81e1f32202a839d131e4949a3e402deeff66bd70
1c502e3d288f7df16d00544f339a1ca477aac77fa27c819592f7b865591b9442
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/theme.css HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 42975
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
146.190.217.48 200 OK 285 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
IP 146.190.217.48:0
File type HTML document text, HTML document text, HTML document text, HTML document text, HTML document text, HTML document text, exported SGML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (51698), with CRLF line terminators
Size 285 kB (284981 bytes)
Hash c26865ed096ff44d1ca4377bfe312eb0
87d499530993586968d43458e7b6c9ed9be43ecc
e237080b6495793b802f408a3fafd1318ef847cd110116bcde540ed8bed1024e
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/ HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/21006064_002.js
146.190.217.48 200 OK 1.1 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/21006064_002.js
IP 146.190.217.48:0
File type ASCII text, with CRLF line terminators
Hash d51d57187870a8a1de69e179d0feaa4a
0edc7cb602df552ed99354611d8035df845dbdd1
ab6e33124ca88c96695d13345c050b5edd134f6307564896098ded6c6515a1a5
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/21006064_002.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1141
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/f.txt
146.190.217.48 200 OK 42 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/f.txt
IP 146.190.217.48:0
File type ASCII text, with very long lines (1623)
Hash 054a78c014642c955c27626be2d8134b
b1820e69abd79548525fe90d9e114acc249327a8
194e7b2883c824a3e1de387cb2e99e8f2912925b89c7663bd7dd868fd1aba26a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/f.txt HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 41958
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/plain
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/clarity.js
146.190.217.48 200 OK 55 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/clarity.js
IP 146.190.217.48:0
File type Unicode text, UTF-8 text, with very long lines (54745)
Hash c238c096f4ff077be41b8296711e8641
a50be06611656993022a860865c30f85e8ff7832
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/clarity.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 54832
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/f_002.txt
146.190.217.48 200 OK 2.3 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/f_002.txt
IP 146.190.217.48:0
File type ASCII text, with very long lines (2303), with no line terminators
Hash e63f37169382824b01725a02b3fe2ad6
2ea785c319a6cdd9f34a6b52d251e081623336ef
967a5776ea4b713f6a5473794e2222411a288d98b354aeec49ce2cb7cbe4e054
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/f_002.txt HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 2303
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/plain
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/main.55e552f9.js
146.190.217.48 200 OK 54 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/main.55e552f9.js
IP 146.190.217.48:0
File type Unicode text, UTF-8 text, with very long lines (54284), with no line terminators
Hash c705fdcc9a56806c2ec8752d806173df
49f9713291403377abc7004f70508e95e5bfc9c4
ecf5185587dc584318775956d242115534ec7d928758081c0f9a1e3f97992508
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/main.55e552f9.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 54294
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/bootstrap.min.css
146.190.217.48 200 OK 122 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/bootstrap.min.css
IP 146.190.217.48:0
File type ASCII text, with very long lines (64985)
Size 122 kB (122482 bytes)
Hash 6439ff95f4b0d95bf8ba1897c19eab2c
63e64f9cdb0033dcc836be4f59a710875ef34ad6
f4bbc1d72d017bef7a1d71c52e952861b92178cc2dd5378592eb875dfdae9b66
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bootstrap.min.css HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 122482
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/pixel.js
146.190.217.48 200 OK 25 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/pixel.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (25224)
Hash 1a42767ea6f6e5498e665d394486e413
f2c8f17c515ba67719cf8c563b972a01ee08cd57
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/pixel.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 25225
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/bat.js
146.190.217.48 200 OK 39 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/bat.js
IP 146.190.217.48:0
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 16911c194f6e9313655f07c4eb9d8737
d39ccfa8c6d785af331afafe9e36336031f41b64
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bat.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 38827
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/core.js
146.190.217.48 200 OK 1.1 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/core.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1142), with no line terminators
Hash b06b4e6cb1f66b46eb000478658c5236
e6a12798819f7512b3dc773b5abe637bf6c2491e
5afc363b68106631c9744da4953b7f123c67bb28f07e85c21e97d06c439a093a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/core.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1142
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/uwt.js
146.190.217.48 200 OK 57 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/uwt.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash d4de8398858246712016031c834bb061
49709126e0fcb914a62f3255ae3ffe45a3fbe0ae
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/uwt.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 57443
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/analytics.js
146.190.217.48 200 OK 50 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/analytics.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1325)
Hash d40531c5e99a6f84e42535859476fe35
a901817d77b2fe5259c298c91bc65c54d7f8a1a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/analytics.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 50205
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/533374513433337.js
146.190.217.48 200 OK 300 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/533374513433337.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (64471)
Size 300 kB (299569 bytes)
Hash 0a2cbee261f2e425bff7fc07d7f9ca3d
9221089d50eaffb6e91a0ea72f959b8179f3ebde
610928101a7f43c8867aa36e558ab9e8ed2b7317146ef07e8a71d94138eab021
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/533374513433337.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 299569
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/fbevents.js
146.190.217.48 200 OK 103 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/fbevents.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (64348)
Size 103 kB (102880 bytes)
Hash e61c2ad4afdaf056d9fcbbef6171d5d4
cd5f9eb9f949d9df3ccc612aef7488323d47453d
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/fbevents.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 102880
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/jquery-3.4.1.min.js
146.190.217.48 200 OK 88 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/jquery-3.4.1.min.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (65451)
Hash 220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/jquery-3.4.1.min.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 88145
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/gtm.js
146.190.217.48 200 OK 595 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/gtm.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (65324)
Size 595 kB (595232 bytes)
Hash ef02b258cb77519b8cf828636c582def
4c55898c2c48cee49bd6f13b31b320273dea1d0e
dca37231c4e9dace9bbce9aa5c2d33a4d59ef6557685a817f56f8dd9d563eb50
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/gtm.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 595232
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/bootstrap.min.js
146.190.217.48 200 OK 37 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/bootstrap.min.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (32004)
Hash 3ce14f06108f17762e1ca97f4e1562c0
379364d99c41f21065bbce52e6155647dd68bf90
b74f3607fed740eb63f0e6a651c4830b1ce196abdcd8b1f65e2cf94a79439fff
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bootstrap.min.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 37055
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/jquery.blockUI.js
146.190.217.48 200 OK 10 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/jquery.blockUI.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1108)
Hash 50dc82a6bccb47056ff0e7ba58444757
70c38af19b6102b82ea3ed8ed2a944cc5b9cc4ef
9042406f497a91162205ae6bba16ca4b34af374324dae0396ca70150015bebd1
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/jquery.blockUI.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 10504
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 17a4fbf35710e5a6012519878ac76b10
d83f5813e680c07aa1496c0694c6bb7cc107d62a
5afe841f4c75f352e2761102787a6cf2dd3876950337c1afc9e0833f3e335323
GET /gtm.js?id=GTM-MVCC8H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 29 Oct 2022 06:59:53 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/global.js
146.190.217.48 200 OK 19 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/global.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (2224)
Hash 6eff9885269f11044ece8d7b43b9c3fb
bf6fc4982b95acc976ffb26b288b04cb83b394fc
d0e2a97d2d6293ea10c291f1f1e3b3f3f2301bc0e1ea8f2f30e9d29a667df9b5
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/global.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 18696
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/sed-usps-70fc8edc.js
146.190.217.48 200 OK 440 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/sed-usps-70fc8edc.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (65377)
Size 440 kB (439984 bytes)
Hash 792c586a531d21d8d0565ef7cc144fcc
3abd016b653221a9542d928edc4e7e367cf4593e
8ead63f0da0ecd7d0361b001e86ee1c27c3bcdf4e96c91b6b2d820d82ca60c64
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/sed-usps-70fc8edc.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 439984
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/Universal-Federated-Analytics-Min.js
146.190.217.48 200 OK 19 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/Universal-Federated-Analytics-Min.js
IP 146.190.217.48:0
File type C source, ASCII text, with very long lines (548)
Hash 9e1b714f83b726462a83db0033bac6db
d730ff339fc2379a66e33f981d5c86eea12d932b
456e60679a0853b3c885219ac1b8ffa4becb397615e2af7c5b3d8051241f569f
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/Universal-Federated-Analytics-Min.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 18764
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/ie10-viewport-bug-workaround.js
146.190.217.48 200 OK 459 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/ie10-viewport-bug-workaround.js
IP 146.190.217.48:0
Hash 8421afc5cbaa78de3e030108193ec566
9bcfb9e76a9c0d2c0abf7a414108d53447eba261
238b4df98a2c023801e777788f40350c1f4ad6599af5eac43d09eff720c79c48
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/ie10-viewport-bug-workaround.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 459
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/embed.js
146.190.217.48 200 OK 1.6 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/embed.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (444)
Hash 71c3f4a1ab4918e732829f77026e76db
ac96d5a9a18b01c070665e8892df8001c3b9c0ae
85b0f3cd06a802ecc9327dd4b40155a92ebc4447459660910e579482cf9b1e87
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/embed.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1568
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 649fd0664937cf1039bd2f668b2ded1c
81876f9fc2e9d514c93bdab49d86691aad7aa1c2
2d4fb3a785646ac3b963ed7f7c8252a6b732b28b8f0fc44618e03ac44ef4d222
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6345
Cache-Control: max-age=88497
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:53 GMT
Etag: "635b6d51-1d7"
Expires: Sun, 30 Oct 2022 07:34:50 GMT
Last-Modified: Fri, 28 Oct 2022 05:49:05 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
usps-postage-mail-forwarding-receiving-parcel.zyns.com/__imp_apg__/js/sed-usps-70fc8edc.js
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/__imp_apg__/js/sed-usps-70fc8edc.js
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /__imp_apg__/js/sed-usps-70fc8edc.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; _clck=9fjt3x|1|f64|0
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-receiving-parcel.zyns.com/entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; _clck=9fjt3x|1|f64|0
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
tr.snapchat.com/log/error
35.190.43.134 200 OK 0 B URL HTTP/2 tr.snapchat.com/log/error
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log/error HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------377963447115739705961188767876
Content-Length: 1163
Origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 29 Oct 2022 06:59:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/js_002
146.190.217.48 200 OK 162 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/js_002
IP 146.190.217.48:0
File type ASCII text, with very long lines (1825)
Size 162 kB (162143 bytes)
Hash c1e6d2af96187dc8169f15477e2ba4e7
326b9c97acd65d784003c326d2e79e1b6f6e1071
a5dfefdfae782213f00b7d7cf2d96a0dfca54a6df79a7f24817e1e1b684ce192
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/js_002 HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 162143
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 649fd0664937cf1039bd2f668b2ded1c
81876f9fc2e9d514c93bdab49d86691aad7aa1c2
2d4fb3a785646ac3b963ed7f7c8252a6b732b28b8f0fc44618e03ac44ef4d222
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: max-age=88142
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:53 GMT
Etag: "635b6d51-1d7"
Expires: Sun, 30 Oct 2022 07:28:55 GMT
Last-Modified: Fri, 28 Oct 2022 05:49:05 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
usps-postage-mail-forwarding-receiving-parcel.zyns.com/entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; _clck=9fjt3x|1|f64|0
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-receiving-parcel.zyns.com/entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; _clck=9fjt3x|1|f64|0
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/ajax-loader-t.gif
146.190.217.48 200 OK 3.2 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/ajax-loader-t.gif
IP 146.190.217.48:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash b9f5558507d20d1501a945f9bc0f4ce4
672975a0c049de369b02bd1b5ce0820fd5d9832d
d2a3b54eecee14be7278f861de0d7d95509321f0a28fd18052334cbbd369201a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/ajax-loader-t.gif HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 3208
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c38d7d921acdf1366a9d005ae733f173
b90bc7558a2c9cc0871243584397dd1e317bdad1
9bf166fa1fe39701758fb862610e423b26c9726038f9f3290d6615e13972af69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/adsct_002.gif
146.190.217.48 200 OK 43 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/adsct_002.gif
IP 146.190.217.48:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/adsct_002.gif HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/0
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/0
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/0 HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/adsct.gif
146.190.217.48 200 OK 43 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/adsct.gif
IP 146.190.217.48:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/adsct.gif HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/logo-mini-sb.png
146.190.217.48 200 OK 24 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/logo-mini-sb.png
IP 146.190.217.48:0
File type PNG image data, 135 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 43707dd65a8c8ec7754b7b45fd483488
f258a5de57dfa37baf13296da6055e8f8881d742
585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/logo-mini-sb.png HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 23625
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/des_brd_2color_logo_274x79.png
146.190.217.48 200 OK 7.2 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/des_brd_2color_logo_274x79.png
IP 146.190.217.48:0
File type PNG image data, 274 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 7540a3abf4dc11dcbd1d381523956ad4
c634a237fb86e9eb6efe396bc5dd1548956c338f
194aeec3c0a28672905ad28fc88a464c2db67ab4277b1d29c3e5275013f2c638
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/des_brd_2color_logo_274x79.png HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 7177
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
142.250.74.168 200 OK 131 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
IP 142.250.74.168:0
File type ASCII text, with very long lines (65324)
Size 131 kB (130885 bytes)
Hash 68db1057e311a3cfad12b77581d27d20
e73e72aec8a81ee9f72184f75bf90f24cb158e04
e6c87b898e67b142600bef59f398dd07fec17ec2179c9cbf9145ee40c80bba68
GET /gtm.js?id=GTM-MVCC8H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 29 Oct 2022 06:59:53 GMT
expires: Sat, 29 Oct 2022 06:59:53 GMT
cache-control: private, max-age=900
last-modified: Sat, 29 Oct 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 130885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13289
Expires: Sat, 29 Oct 2022 10:41:22 GMT
Date: Sat, 29 Oct 2022 06:59:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13289
Expires: Sat, 29 Oct 2022 10:41:22 GMT
Date: Sat, 29 Oct 2022 06:59:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13289
Expires: Sat, 29 Oct 2022 10:41:22 GMT
Date: Sat, 29 Oct 2022 06:59:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13289
Expires: Sat, 29 Oct 2022 10:41:22 GMT
Date: Sat, 29 Oct 2022 06:59:53 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c38d7d921acdf1366a9d005ae733f173
b90bc7558a2c9cc0871243584397dd1e317bdad1
9bf166fa1fe39701758fb862610e423b26c9726038f9f3290d6615e13972af69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f8a8bdab8c8b28242ea7227be2d471
aa097b7f69b5369277d405238bbbb19081c3c3da
ec9a37f12ce0fb63e907ac3e5cbba04f392dfe44432422a839fc9c6ea66ec176
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: 7dd9eebd-2c20-4e7c-ba5d-349dc15abe61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGmH3eIAMFhcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-3dfa40935763bd2641e7e53a;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9tjWGS2L9mjQHuhRpOmnR5jIxAys2om70GRzupGsQ4rZZPaz7uITog==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 22:02:40 GMT
age: 32233
etag: "aa097b7f69b5369277d405238bbbb19081c3c3da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3d9a213-ef55-4ec1-836e-6dede0d7ffd3.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3d9a213-ef55-4ec1-836e-6dede0d7ffd3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc22a7370f5dad19546be6f1c83fe308
817e9cf3ea980056a1f2c5e502573a941abfeb2c
b991ed3b3798f918a7b4d0b7679cf8b574e2dc750fb3cfb4cef0ae08b6a8ac5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3d9a213-ef55-4ec1-836e-6dede0d7ffd3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7831
x-amzn-requestid: 53b46e70-8745-473c-b890-da4ed4a58be6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCInEVwIAMFjNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a36-26329afd60e5c20a42e73373;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JDece3pAg6JXO-AhPKslgZGbs7xI0EWv4siNyKZA9FMO3Xc9eJWT4g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 22:03:04 GMT
age: 32209
etag: "817e9cf3ea980056a1f2c5e502573a941abfeb2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1110221ffc54766308cbf62f94cd9f
926f36919d5875592200b78d286edcb4c3ba884c
8344d57bc8358da2a5911c62a344a3dcf819ce44dac0da0624c73ab40ac1ef44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9460
x-amzn-requestid: c1eef336-bec0-47f0-bd30-17de593de8f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: asgW3E8uIAMFpgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b475e-60346ff475ec335e0499d17f;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 03:07:10 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P3-UxGtr6HKLtsZUHXV_4CgAd3LQBceo_1NUwrfWhWoGoTEKS7KGAw==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:02 GMT
age: 32931
etag: "926f36919d5875592200b78d286edcb4c3ba884c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97b6c4b-9ae3-43f9-a0be-52e33d2041b0.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97b6c4b-9ae3-43f9-a0be-52e33d2041b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ab38f9f7924c7ee9271368faf55a2ee
2508c0e5c7471244baa94fbc97769e5a19641a34
c314c69fc7e82538b2694da79c93a909620a1820e9ef8a25c3d8b675118e3e79
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97b6c4b-9ae3-43f9-a0be-52e33d2041b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: b2135b5e-6dd3-428d-bad7-4680d4901c1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apx9yEjqIAMFyww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a3058-07750d410ef3b2b76ba619aa;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:16:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: h_D81i0fenV1m8ATD1YOSzRPCfILwPRGrrDwLZfTHB66oVFUyMqn1A==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 11:55:36 GMT
age: 68657
etag: "2508c0e5c7471244baa94fbc97769e5a19641a34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/generic1658346138978.js
146.190.217.48 200 OK 34 kB URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/generic1658346138978.js
IP 146.190.217.48:0
File type GIF image data, version 89a, 296 x 148\012- data
Hash 423fe309a7d018c0564073e394e3f08a
be17adacd18cd27ee9eab147ee4f32580b81a3eb
be1e605b8b0a99b36e840b4e68a51406f1939d4ec336e198d732ae5bc65e3a3e
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/generic1658346138978.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:53 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 408458
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fceebbafb-5606-4dd7-970b-9058a65b2da1.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fceebbafb-5606-4dd7-970b-9058a65b2da1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fad358ac1db8f945d817546c9c928674
685b3bdf0c778c24e6b252a527f2c470f1f78864
275db57a05e1074afa22fc0ecd3c63be4e71eec401f43f2ec8aef96ab458b49f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fceebbafb-5606-4dd7-970b-9058a65b2da1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8772
x-amzn-requestid: b8160c70-8581-407a-b3e3-0e4f70c7eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGmH-tIAMFixw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-697947866fe71d047316aef4;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ehzErx2Oz1BrUEKfbi7z-_0k7h96fCVRqwUB-Wlf-TDC9Ls_B4I8ig==
via: 1.1 22d43bf299ac98b08849f5a01a8af246.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:45:04 GMT
age: 33289
etag: "685b3bdf0c778c24e6b252a527f2c470f1f78864"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=400447961&t=pageview&_s=1&dl=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAQABEAAAAC~&jid=471128140&gjid=1899263382&cid=1694847540.1667026792&tid=UA-33523145-1&_gid=1692340581.1667026792&_r=1&cd1=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com&cd2=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com%20-%20usps-postage-mail-forwarding-receiving-parcel.zyns.com&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com&cd5=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com&cd6=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=http%3A&z=1525065962
216.239.32.178 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=400447961&t=pageview&_s=1&dl=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAQABEAAAAC~&jid=471128140&gjid=1899263382&cid=1694847540.1667026792&tid=UA-33523145-1&_gid=1692340581.1667026792&_r=1&cd1=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com&cd2=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com%20-%20usps-postage-mail-forwarding-receiving-parcel.zyns.com&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com&cd5=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com&cd6=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=http%3A&z=1525065962
IP 216.239.32.178:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&aip=1&a=400447961&t=pageview&_s=1&dl=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAQABEAAAAC~&jid=471128140&gjid=1899263382&cid=1694847540.1667026792&tid=UA-33523145-1&_gid=1692340581.1667026792&_r=1&cd1=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com&cd2=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com%20-%20usps-postage-mail-forwarding-receiving-parcel.zyns.com&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com&cd5=unspecified%3Ausps-postage-mail-forwarding-receiving-parcel.zyns.com&cd6=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=http%3A&z=1525065962 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
date: Sat, 29 Oct 2022 06:59:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-3NXP3C8S9V&l=dataLayer&cx=c
142.250.74.168 302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-3NXP3C8S9V&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 14c26ac19a5a2b8e918bf9ab75fc9a83
36abfe8fc2f8ed161de115f3ab0044bdd88619af
2d8b2c82a19a1ef9ccbea6648015693df2d0c167d0b78a7c0afe28c659562898
GET /gtag/js?id=G-3NXP3C8S9V&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-3NXP3C8S9V&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 29 Oct 2022 06:59:53 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f331a42514e31cd1fa0ee4b183e181b9
ec51490d94b697f50238a4eb1360c70cbcd7db76
594e990b677a3811125884bb166da7dba31434a2ff4b6fe3f2c24d2a23fec575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=1694847540.1667026792&jid=2074815551&gjid=345115402&_gid=1692340581.1667026792&_u=aGDAiUABFAAAAG~&z=2025715482
173.194.222.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=1694847540.1667026792&jid=2074815551&gjid=345115402&_gid=1692340581.1667026792&_u=aGDAiUABFAAAAG~&z=2025715482
IP 173.194.222.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=1694847540.1667026792&jid=2074815551&gjid=345115402&_gid=1692340581.1667026792&_u=aGDAiUABFAAAAG~&z=2025715482 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 29 Oct 2022 06:59:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.85.140 200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 95212d33cfff78ad59f5af5b20c48c53
9b99a4091a6eb716bc68f1428e3c86eca068b25b
bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 29 Oct 2022 06:59:53 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.230.82.240 200 OK 8.8 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (25360), with no line terminators
Hash e9a9d4e245fb5df1ac33be19306752e8
246e5996a63a71ce325dff7ca6c9ef71f324b62f
64211912b65ff9a15aa212c8e8f5d4e60b86629d305c130f8824eb55837b8d4a
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 8764
server: CloudFront
date: Sat, 29 Oct 2022 06:59:53 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Sun, 30 Oct 2022 06:29:44 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eu0FoWIihiVVUdLqp_7c7hG7HXcZmZozArOXL2byAHwHQ-tKJw4hAg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f331a42514e31cd1fa0ee4b183e181b9
ec51490d94b697f50238a4eb1360c70cbcd7db76
594e990b677a3811125884bb166da7dba31434a2ff4b6fe3f2c24d2a23fec575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
usps-postage-mail-forwarding-receiving-parcel.zyns.com/entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; _clck=9fjt3x|1|f64|0; _ga=GA1.3.1694847540.1667026792; _gid=GA1.3.1692340581.1667026792; _gat_GSA_ENOR0=1; _gcl_au=1.1.1454341237.1667026792; _ga=GA1.1.1694847540.1667026792; _gid=GA1.2.1692340581.1667026792; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667026792.1.0.1667026792.0.0.0
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 06:59:54 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
104.110.27.57 200 OK 528 B URL HTTP/2 resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
IP 104.110.27.57:0
File type ASCII text, with very long lines (587)
Hash 1f5b6140f94844fff6133ef3693807ed
18c8767fca06b62e0bdd36dc0ef1a79c9dbe184e
e77717350bf9c42df8bb7c067d33a86310c17691898c1cf7def4e9b01fdc8cb1
GET /wdcgov/2/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-gov.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Tue Sep 06 2022 17:55:25 GMT+0000 (Coordinated Universal Time)
etag: "125dd36304d04069544702f1a8e8e277"
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-encoding: gzip
content-length: 528
cache-control: private, max-age=0
date: Sat, 29 Oct 2022 06:59:54 GMT
vary: Accept-Encoding
set-cookie: SERVERID=10.241.23.92; path=/
access-control-max-age: 86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
usps-postage-mail-forwarding-receiving-parcel.zyns.com/entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; _clck=9fjt3x|1|f64|0; _ga=GA1.3.1694847540.1667026792; _gid=GA1.3.1692340581.1667026792; _gat_GSA_ENOR0=1; _gcl_au=1.1.1454341237.1667026792; _ga=GA1.1.1694847540.1667026792; _gid=GA1.2.1692340581.1667026792; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667026792.1.0.1667026792.0.0.0
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 06:59:54 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/0
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/0
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/0 HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; _clck=9fjt3x|1|f64|0; _ga=GA1.3.1694847540.1667026792; _gid=GA1.3.1692340581.1667026792; _gat_GSA_ENOR0=1; _gcl_au=1.1.1454341237.1667026792; _ga=GA1.1.1694847540.1667026792; _gid=GA1.2.1692340581.1667026792; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667026792.1.0.1667026792.0.0.0; _rdt_uuid=1667026792145.e0186753-7ccd-4138-b950-f50145dfc280
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 06:59:54 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/pixel.htm
146.190.217.48 200 OK 108 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/pixel.htm
IP 146.190.217.48:0
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 67c58a38087e1a243fd14984f663b520
d39158107e8711b6d9fbe13be4a3a3156f571e08
ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/pixel.htm HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; _clck=9fjt3x|1|f64|0; _ga=GA1.3.1694847540.1667026792; _gid=GA1.3.1692340581.1667026792; _gat_GSA_ENOR0=1; _gcl_au=1.1.1454341237.1667026792; _ga=GA1.1.1694847540.1667026792; _gid=GA1.2.1692340581.1667026792; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667026792.1.0.1667026792.0.0.0; _rdt_uuid=1667026792145.e0186753-7ccd-4138-b950-f50145dfc280
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:54 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 108
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html
static.ads-twitter.com/uwt.js
151.101.84.157 200 OK 15 kB URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 15375
Last-Modified: Thu, 27 Oct 2022 18:55:37 GMT
Cache-Control: no-cache
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
Accept-Ranges: bytes
Date: Sat, 29 Oct 2022 06:59:54 GMT
X-Served-By: cache-iad-kjyo7100147-IAD, cache-bma1634-BMA
X-Cache: HIT, HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
104.110.27.57 200 OK 528 B URL HTTP/2 resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
IP 104.110.27.57:0
File type ASCII text, with very long lines (587)
Hash 1f5b6140f94844fff6133ef3693807ed
18c8767fca06b62e0bdd36dc0ef1a79c9dbe184e
e77717350bf9c42df8bb7c067d33a86310c17691898c1cf7def4e9b01fdc8cb1
GET /wdcgov/2/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-gov.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue Sep 06 2022 17:55:25 GMT+0000 (Coordinated Universal Time)
If-None-Match: "125dd36304d04069544702f1a8e8e277"
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Tue Sep 06 2022 17:55:25 GMT+0000 (Coordinated Universal Time)
etag: "125dd36304d04069544702f1a8e8e277"
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-encoding: gzip
content-length: 528
cache-control: private, max-age=0
date: Sat, 29 Oct 2022 06:59:54 GMT
vary: Accept-Encoding
set-cookie: SERVERID=10.241.23.92; path=/
access-control-max-age: 86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200 200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11367
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 17:32:37 GMT
Accept-Ranges: bytes
ETag: "80a8697a8a2d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=153FF3656C1C66263AF6E1296D4B6749; domain=.bing.com; expires=Thu, 23-Nov-2023 06:59:54 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 11892EFA80FE45CEADD6A0E0EEF238DD Ref B: OSL30EDGE0314 Ref C: 2022-10-29T06:59:54Z
Date: Sat, 29 Oct 2022 06:59:53 GMT
www.google-analytics.com/analytics.js
216.239.32.178 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Sat, 29 Oct 2022 06:12:35 GMT
Expires: Sat, 29 Oct 2022 08:12:35 GMT
Cache-Control: public, max-age=7200
Age: 2839
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 48a0b34e53604c8d71744601c29696df
c69382cd7434dcc754f86fafa1b455c3259bb6f0
921da11d1c3042d1c767ba8971ac7308a214e8bf0046d7252af0ecd77050b8ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3438
Cache-Control: max-age=86282
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:54 GMT
Etag: "635b7006-1d7"
Expires: Sun, 30 Oct 2022 06:57:56 GMT
Last-Modified: Fri, 28 Oct 2022 06:00:38 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash dab02b42c136faced9b65952be108556
603536789f04e81bb0563cedc02585908dc8fb83
37a00d01747f2c9c4d2a66ced3548cf75049fd378fb2a5938dc0534453128721
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 20c69990e9f2324ecbf75090016c6acd
45c7098e6bb31c439bad5752935770dd9b801617
d12d3f4a51368230c20f54388c3062144a9f54a70cc3d6f784599ea1b0668dee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 89Lta0l+k2V5fBjapFTXctXRBpOG9Rurz0NsjB8IQCqktcFeW/1FpPUIU9FMWnkXvAM8HFHNQGTs3qkFHGbhPw==
content-length: 27337
x-fb-trip-id: 1904183273
date: Sat, 29 Oct 2022 06:59:54 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 20c69990e9f2324ecbf75090016c6acd
45c7098e6bb31c439bad5752935770dd9b801617
d12d3f4a51368230c20f54388c3062144a9f54a70cc3d6f784599ea1b0668dee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.co.in/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163 200 OK 42 B URL HTTP/2 www.google.co.in/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 06:59:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 48a0b34e53604c8d71744601c29696df
c69382cd7434dcc754f86fafa1b455c3259bb6f0
921da11d1c3042d1c767ba8971ac7308a214e8bf0046d7252af0ecd77050b8ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4710
Cache-Control: max-age=87554
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:54 GMT
Etag: "635b7006-1d7"
Expires: Sun, 30 Oct 2022 07:19:08 GMT
Last-Modified: Fri, 28 Oct 2022 06:00:38 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 06:59:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164 200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 34b6d5b94de5aa9a11745592f84aad0d
85c2890e443bcb8bc4443bf2d57fc0462b797617
39b175887782c7b0586123cc938fb5651c5edb230ae1d45be41de351ac42bff1
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 29 Oct 2022 06:59:54 GMT
expires: Sat, 29 Oct 2022 06:59:54 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16072662367159696676
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15168
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash dab02b42c136faced9b65952be108556
603536789f04e81bb0563cedc02585908dc8fb83
37a00d01747f2c9c4d2a66ced3548cf75049fd378fb2a5938dc0534453128721
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.pinimg.com/ct/core.js
23.38.200.197 200 OK 1.1 kB IP 23.38.200.197:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash d46ca479169e57f877e12fcf654873be
7403052faf6a9a3614c771ae29760553541db34a
e5cf17e004a172d469b4420142e8ced5c0c058c85e8adee76f00c0074d3e2447
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "d46ca479169e57f877e12fcf654873be"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.clarity.ms/eus2-e/s/0.6.40/clarity.js
13.107.246.53 404 Not Found 0 B URL HTTP/2 www.clarity.ms/eus2-e/s/0.6.40/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eus2-e/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
x-cache: CONFIG_NOCACHE
x-azure-ref: 0as9cYwAAAACh1vKcymCFRpmuKZaE+lnmU1ZHMjBFREdFMDUxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 29 Oct 2022 06:59:53 GMT
content-length: 0
X-Firefox-Spdy: h2
alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667026791959
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667026791959
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667026791959 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
content-type: image/gif
accept-ranges: bytes
date: Sat, 29 Oct 2022 06:59:54 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.55e552f9.js
23.38.200.197 200 OK 19 kB URL HTTP/2 s.pinimg.com/ct/lib/main.55e552f9.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (54284), with no line terminators
Hash 84c1602180f73853dc1e35f7296bdf7d
40aea44ea928e8d539381759b791f5c70f6d4c82
6b2faea09b5d5015a36ab4300e1034e1907895b40249e5fd11b42a66fbd21dac
GET /ct/lib/main.55e552f9.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "84c1602180f73853dc1e35f7296bdf7d"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 18601
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash fdbbaff62c946475f71f8e99c60e1e9d
90fe5578e35623d48f4385925e81933cabc315c7
0211cb7f23600fb3e659f65c4f2e832ea2fed1daec7d550cdbc2cd8746e73851
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667026791892
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667026791892
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1667026791892 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
content-type: image/gif
accept-ranges: bytes
date: Sat, 29 Oct 2022 06:59:54 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1667026792149&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=e0186753-7ccd-4138-b950-f50145dfc280&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1667026792149&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=e0186753-7ccd-4138-b950-f50145dfc280&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1667026792149&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=e0186753-7ccd-4138-b950-f50145dfc280&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sat, 29 Oct 2022 06:59:54 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1667026792615
23.38.200.197 200 OK 382 B URL HTTP/2 ct.pinterest.com/user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1667026792615
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (539), with no line terminators
Hash 4133ff14bfae835ba7a2976dd28e0b9b
16163c58f272d772629605e987cdcc02fc1d78a2
c887dfff8fa67dd6fa30fae875db0c94ff1ad8ae8fc48a81ef2e1d262dfb44a4
GET /user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1667026792615 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU5HWm1ORE00WW1JdE5HRXhaQzAwT1dJeExUbGxPR0V0TjJRNE1qUXhZbU16TldVMg
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 382
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1468611014548977
date: Sat, 29 Oct 2022 06:59:54 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1667026794.eaf17f8
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1667026792146&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=e0186753-7ccd-4138-b950-f50145dfc280&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
151.101.85.140 200 OK 171 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1667026792146&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=e0186753-7ccd-4138-b950-f50145dfc280&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
IP 151.101.85.140:0
File type gzip compressed data, from Unix\012- data
Hash d28c0b8d4ebb2fc664d8df53a5ce314c
6b6212c8e75515864de10e489e051ed83cfede99
2a9ff79b8d279f02037b8a8c3cb9e4a0a98f872dca822a608892047ae29b1ecf
GET /rp.gif?ts=1667026792146&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=e0186753-7ccd-4138-b950-f50145dfc280&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sat, 29 Oct 2022 06:59:54 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
reg.usps.com/entreg/favicon.ico
192.229.221.165 200 OK 1.2 kB URL HTTP/2 reg.usps.com/entreg/favicon.ico
IP 192.229.221.165:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 178819cc32a7774822e3550c57cd20aa
c8050ec440e8cc1367a6115934edc0bf94a0d343
8565aaa87282f585b8a021ee0e693f662eb179df62890d01e086cc9f23dec1d2
GET /entreg/favicon.ico HTTP/1.1
Host: reg.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
age: 17033
cache-control: no-cache
content-type: image/x-icon
date: Sat, 29 Oct 2022 06:59:54 GMT
etag: "47e-5ea5d077c5480"
expires: Sat, 29 Oct 2022 06:59:53 GMT
last-modified: Thu, 06 Oct 2022 12:42:42 GMT
server: ECAcc (dcb/7F0E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, DENY
x-ruleset-version: 2.5
content-length: 1150
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1667026792565&cv=9&fst=1667026792565&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1454341237.1667026792&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2 200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1667026792565&cv=9&fst=1667026792565&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1454341237.1667026792&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2646), with no line terminators
Hash fbc8b131adc58704d89d670cf8c1b4a4
f7da096ee053741e7394f855465bb71e5eed8ccf
49a380563c65cdac52d8ff460fdf68531712c40d25e1bbae09b0320c45298377
GET /pagead/viewthroughconversion/978081151/?random=1667026792565&cv=9&fst=1667026792565&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1454341237.1667026792&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 06:59:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 29-Oct-2022 07:14:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1667026792566&cv=9&fst=1667026792566&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1454341237.1667026792&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2 200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1667026792566&cv=9&fst=1667026792566&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1454341237.1667026792&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2648), with no line terminators
Hash 766d80644d33f39ce8ea8fc293adb629
587065a9307d39e87862fbc5c7c279f583932ea3
6d1c5fdbbff3d1dc71402539d9227b1a939c8e0160cfa48e6b6e1619690573ca
GET /pagead/viewthroughconversion/978081151/?random=1667026792566&cv=9&fst=1667026792566&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1454341237.1667026792&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 06:59:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 29-Oct-2022 07:14:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=21006064&Ver=2&mid=b9427ae0-1a10-4c00-9bbc-cac823401ad8&sid=497b1180575711edbfa3cbe232fd8a7a&vid=497b2830575711edb7e80514049e2b69&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=3008&evt=pageLoad&sv=1&rn=254691
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=21006064&Ver=2&mid=b9427ae0-1a10-4c00-9bbc-cac823401ad8&sid=497b1180575711edbfa3cbe232fd8a7a&vid=497b2830575711edb7e80514049e2b69&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=3008&evt=pageLoad&sv=1&rn=254691
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=21006064&Ver=2&mid=b9427ae0-1a10-4c00-9bbc-cac823401ad8&sid=497b1180575711edbfa3cbe232fd8a7a&vid=497b2830575711edb7e80514049e2b69&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=3008&evt=pageLoad&sv=1&rn=254691 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=174B2EFB949A683E22813CB7956F698D; domain=.bing.com; expires=Thu, 23-Nov-2023 06:59:54 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 686E6F2D96E9460BA9D9099EE69269FA Ref B: OSL30EDGE0109 Ref C: 2022-10-29T06:59:54Z
date: Sat, 29 Oct 2022 06:59:54 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/21006064.js
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/21006064.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/21006064.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
set-cookie: MUID=0D775898CC206186186D4AD4CDD5604D; domain=.bing.com; expires=Thu, 23-Nov-2023 06:59:54 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 41DA35ADA1344EE58BC49A9E98C402DE Ref B: OSL30EDGE0109 Ref C: 2022-10-29T06:59:54Z
date: Sat, 29 Oct 2022 06:59:54 GMT
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22961e55a4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667026792624
23.38.200.197 200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22961e55a4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667026792624
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22961e55a4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667026792624 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1192010677622683
date: Sat, 29 Oct 2022 06:59:54 GMT
akamai-grn: 0.274f2417.1667026794.eaf1e95
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/21006064
13.107.246.53 200 OK 1.8 kB URL HTTP/2 www.clarity.ms/tag/uet/21006064
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash e7075192915ce4d3fea6ee40eed34090
0faa23d2c2de0302bbe74526ffcf10f9c7c1ebac
b40387c4f907b835ef84232a1652d7b99bea5bc285ead19dba76d674efcc0620
GET /tag/uet/21006064 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=b289dbce35c3433f8a938cc7fa85c5d2.20221029.20231029; expires=Sun, 29 Oct 2023 06:59:54 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0as9cYwAAAADv0WP6wlDZRZHT5/1PnV2vU1ZHMjBFREdFMDUxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 29 Oct 2022 06:59:53 GMT
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.961e55a4.js
23.38.200.197 200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.961e55a4.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (59868), with no line terminators
Hash b9be241e8240e73bb66301c5815d5b3b
973261463c6e3e330d198cb558762a0808d59b7d
3d6a84853133ded02b2646243cd6ed3c91343d2922cb30f8a305386f3d918b4b
GET /ct/lib/main.961e55a4.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "b9be241e8240e73bb66301c5815d5b3b"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20740
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
k.clarity.ms/collect
20.96.88.162 204 No Content 0 B IP 20.96.88.162:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: k.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2750
Origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
access-control-allow-credentials: true
date: Sat, 29 Oct 2022 06:59:54 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash efc264bca02de745236742e3b9102036
23db487641ddc8c384fe71e6cbf1345d664a2db0
036938688a5648bab7c7a326aaccee94af77349428261298c2710cef23c4207a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash efc264bca02de745236742e3b9102036
23db487641ddc8c384fe71e6cbf1345d664a2db0
036938688a5648bab7c7a326aaccee94af77349428261298c2710cef23c4207a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/978081151/?random=1667026792565&cv=9&fst=1667023200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=177974082&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/978081151/?random=1667026792565&cv=9&fst=1667023200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=177974082&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1667026792565&cv=9&fst=1667023200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=177974082&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 06:59:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/978081151/?random=1667026792566&cv=9&fst=1667023200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=3144869114&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/978081151/?random=1667026792566&cv=9&fst=1667023200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=3144869114&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1667026792566&cv=9&fst=1667023200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=3144869114&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 29 Oct 2022 06:59:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sc-static.net/js-sha256-v1.min.js
54.230.82.240 200 OK 8.2 kB URL HTTP/2 sc-static.net/js-sha256-v1.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (22177), with no line terminators
Hash ea94c2b7391537ff1e9d67d1f348eabb
ebfec438efd88904663c2f4871c9f0f0e09370bc
1dbcefd525accb97631d65e63b9dc95ffa37582adbd5407cd7a4ce1714d21382
GET /js-sha256-v1.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 29 Oct 2022 06:59:55 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: Content-Type
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
etag: W/"68f2467c84878293c9ee497dbc99a17f"
cache-control: public, s-maxage=86400, max-age=600
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vf_3T4VFylMoHdLpFR9ih3SNK0oWUi6Qfq1SAK3wNggncmPtypYeSg==
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=533374513433337&ev=PageView&dl=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1667026793115&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667026793115.450739890&it=1667026792547&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=533374513433337&ev=PageView&dl=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1667026793115&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667026793115.450739890&it=1667026792547&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=533374513433337&ev=PageView&dl=http%3A%2F%2Fusps-postage-mail-forwarding-receiving-parcel.zyns.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1667026793115&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667026793115.450739890&it=1667026792547&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 29 Oct 2022 06:59:55 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 573 B IP 142.250.74.35:0
File type gzip compressed data, from Unix\012- data
Hash 3a133df42837ef92587533b21652c26d
22b949c443bdb10e504304bebaf488661cfc8034
6ae0df4d2cbd07821363517563ac1ab6c17e364353f8c267124b01c5d51625ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 06:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ct.pinterest.com/ct.html
23.38.200.197 200 OK 323 B IP 23.38.200.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 0
referrer-policy: origin
x-pinterest-rid: 1325624415481393
date: Sat, 29 Oct 2022 06:59:55 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1667026795.eaf23fc
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27 302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=6CC97D3DEE63480D8477031C36D60E96&RedC=c.clarity.ms&MXFR=14653239ED8365CA2EEF2075E9836B7D
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=14653239ED8365CA2EEF2075E9836B7D; domain=.clarity.ms; expires=Thu, 23-Nov-2023 06:59:55 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sat, 29 Oct 2022 06:59:54 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=6CC97D3DEE63480D8477031C36D60E96&RedC=c.clarity.ms&MXFR=14653239ED8365CA2EEF2075E9836B7D
13.107.21.200 302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=6CC97D3DEE63480D8477031C36D60E96&RedC=c.clarity.ms&MXFR=14653239ED8365CA2EEF2075E9836B7D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=6CC97D3DEE63480D8477031C36D60E96&RedC=c.clarity.ms&MXFR=14653239ED8365CA2EEF2075E9836B7D HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=6CC97D3DEE63480D8477031C36D60E96&MUID=2E333C9F136C68EE1CF92ED31299698C
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=2E333C9F136C68EE1CF92ED31299698C; domain=c.bing.com; expires=Thu, 23-Nov-2023 06:59:55 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 20D31AB3CDC94E93B1F31829C4C0C9BA Ref B: OSL30EDGE0109 Ref C: 2022-10-29T06:59:55Z
date: Sat, 29 Oct 2022 06:59:54 GMT
content-length: 0
X-Firefox-Spdy: h2
resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/generic1658346138978.js
104.110.27.57 302 Moved Temporarily 0 B URL HTTP/1.1 resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/generic1658346138978.js
IP 104.110.27.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wdcgov/2/onsite/generic1658346138978.js HTTP/1.1
Host: resources.digital-cloud-gov.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
HTTP/1.1 302 Moved Temporarily
Location: https://resources-dcgov.medallia.com/wdcgov/2/onsite/generic1658346138978.js
Content-Length: 0
Cache-Control: no-cache
Date: Sat, 29 Oct 2022 06:59:55 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Origin: *
c.clarity.ms/c.gif?CtsSyncId=6CC97D3DEE63480D8477031C36D60E96&MUID=2E333C9F136C68EE1CF92ED31299698C
20.234.93.27 200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=6CC97D3DEE63480D8477031C36D60E96&MUID=2E333C9F136C68EE1CF92ED31299698C
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=6CC97D3DEE63480D8477031C36D60E96&MUID=2E333C9F136C68EE1CF92ED31299698C HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sat, 29-Oct-2022 07:09:55 GMT; path=/; SameSite=None; Secure;
date: Sat, 29 Oct 2022 06:59:54 GMT
content-length: 42
X-Firefox-Spdy: h2
k.clarity.ms/collect
20.96.88.162 204 No Content 0 B IP 20.96.88.162:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: k.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 943
Origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
access-control-allow-credentials: true
date: Sat, 29 Oct 2022 06:59:55 GMT
X-Firefox-Spdy: h2
usps-postage-mail-forwarding-receiving-parcel.zyns.com/__imp_apg__/api/dip/v1/dip
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/__imp_apg__/api/dip/v1/dip
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /__imp_apg__/api/dip/v1/dip HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 2218
Origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; _clck=9fjt3x|1|f64|0; _ga=GA1.3.1694847540.1667026792; _gid=GA1.3.1692340581.1667026792; _gat_GSA_ENOR0=1; _gcl_au=1.1.1454341237.1667026792; _ga=GA1.1.1694847540.1667026792; _gid=GA1.2.1692340581.1667026792; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667026792.1.0.1667026792.0.0.0; _rdt_uuid=1667026792145.e0186753-7ccd-4138-b950-f50145dfc280; mdLogger=false; kampyleUserSession=1667026792313; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _scid=45f44a02-2cc8-43ef-9005-002f623bdae7; _uetsid=497b1180575711edbfa3cbe232fd8a7a; _uetvid=497b2830575711edb7e80514049e2b69; _fbp=fb.1.1667026793115.450739890; _pin_unauth=dWlkPU5HWm1ORE00WW1JdE5HRXhaQzAwT1dJeExUbGxPR0V0TjJRNE1qUXhZbU16TldVMg; _clsk=1dzr6i7|1667026793176|1|0|k.clarity.ms/collect
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 06:59:55 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-receiving-parcel.zyns.com/__imp_apg__/api/imp/v1.0/report/?m&fq=load
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/__imp_apg__/api/imp/v1.0/report/?m&fq=load
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /__imp_apg__/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
content-type: text/plain;charset=UTF-8
Origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
Content-Length: 936
Connection: keep-alive
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; _clck=9fjt3x|1|f64|0; _ga=GA1.3.1694847540.1667026792; _gid=GA1.3.1692340581.1667026792; _gat_GSA_ENOR0=1; _gcl_au=1.1.1454341237.1667026792; _ga=GA1.1.1694847540.1667026792; _gid=GA1.2.1692340581.1667026792; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667026792.1.0.1667026792.0.0.0; _rdt_uuid=1667026792145.e0186753-7ccd-4138-b950-f50145dfc280; mdLogger=false; kampyleUserSession=1667026792313; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _scid=45f44a02-2cc8-43ef-9005-002f623bdae7; _uetsid=497b1180575711edbfa3cbe232fd8a7a; _uetvid=497b2830575711edb7e80514049e2b69; _fbp=fb.1.1667026793115.450739890; _pin_unauth=dWlkPU5HWm1ORE00WW1JdE5HRXhaQzAwT1dJeExUbGxPR0V0TjJRNE1qUXhZbU16TldVMg; _clsk=1dzr6i7|1667026793176|1|0|k.clarity.ms/collect; __ts_xfdF3__=452043780; _imp_apg_r_=%7B%22_fr%22%3A10000%7D
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 06:59:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-receiving-parcel.zyns.com/__imp_apg__/api/imp/v1.0/report/?x
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/__imp_apg__/api/imp/v1.0/report/?x
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /__imp_apg__/api/imp/v1.0/report/?x HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
content-type: text/plain;charset=UTF-8
Origin: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com
Content-Length: 484
Connection: keep-alive
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734; _clck=9fjt3x|1|f64|0; _ga=GA1.3.1694847540.1667026792; _gid=GA1.3.1692340581.1667026792; _gat_GSA_ENOR0=1; _gcl_au=1.1.1454341237.1667026792; _ga=GA1.1.1694847540.1667026792; _gid=GA1.2.1692340581.1667026792; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1667026792.1.0.1667026792.0.0.0; _rdt_uuid=1667026792145.e0186753-7ccd-4138-b950-f50145dfc280; mdLogger=false; kampyleUserSession=1667026792313; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _scid=45f44a02-2cc8-43ef-9005-002f623bdae7; _uetsid=497b1180575711edbfa3cbe232fd8a7a; _uetvid=497b2830575711edb7e80514049e2b69; _fbp=fb.1.1667026793115.450739890; _pin_unauth=dWlkPU5HWm1ORE00WW1JdE5HRXhaQzAwT1dJeExUbGxPR0V0TjJRNE1qUXhZbU16TldVMg; _clsk=1dzr6i7|1667026793176|1|0|k.clarity.ms/collect; __ts_xfdF3__=688681762; _imp_apg_r_=%7B%22_fr%22%3A40404%7D
HTTP/1.1 404 Not Found
Date: Sat, 29 Oct 2022 07:00:00 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/gtm_002.js
146.190.217.48 200 OK 0 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/gtm_002.js
IP 146.190.217.48:0
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/gtm_002.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 289757
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/js
146.190.217.48 200 OK 0 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/js
IP 146.190.217.48:0
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 212366
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/scevent.min.js
146.190.217.48 200 OK 0 B URL HTTP/1.1 usps-postage-mail-forwarding-receiving-parcel.zyns.com/KNYGHT/1/scevent.min.js
IP 146.190.217.48:0
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/scevent.min.js HTTP/1.1
Host: usps-postage-mail-forwarding-receiving-parcel.zyns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usps-postage-mail-forwarding-receiving-parcel.zyns.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=0f7fa0e11a6c5839d4c476dd013ef734
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 06:59:52 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 22702
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript