r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5517
Expires: Sun, 27 Nov 2022 20:06:38 GMT
Date: Sun, 27 Nov 2022 18:34:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11134
Expires: Sun, 27 Nov 2022 21:40:15 GMT
Date: Sun, 27 Nov 2022 18:34:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6000
Cache-Control: max-age=149791
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:41 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:11:12 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nMioK9S/kBRbh83RJYSdht4DRcY1iKQRUnS9VNehTWl6j20eyiKPMaHWY7jUayBciQKppZwxExU=
x-amz-request-id: QTG020B0RBPSXES8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 17:41:43 GMT
age: 3178
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 18:17:40 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1021
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:34:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 18:08:54 GMT
cache-control: public,max-age=3600
age: 1548
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4364
Cache-Control: max-age=143094
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:42 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:19:36 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/usps-fonts.css
159.203.15.58 200 OK 3.3 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/usps-fonts.css
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type CSV text, ASCII text, with very long lines (548)
Hash ff5f1d5d8680597b16dec4776536ab4b
f008371165d6a1c6a792347ecee106d8ba81a6f2
105e974d53f06bd2dab2baaa2e8da20812ec7d132fd0e86bb27e16b8238cf457
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
GET /KNYGHT/1/usps-fonts.css HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:42 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 3271
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/bootstrap-sticky-footer.css
159.203.15.58 200 OK 137 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/bootstrap-sticky-footer.css
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash 46ca0541d17fb74860b13bddfb40dd53
e5f10c720b7556798ace107f6ca704241676460c
bb0e5cffa99e8c888c9acd59e3f6e929ff885f7e255b1af639f5d49dc61e2b32
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
GET /KNYGHT/1/bootstrap-sticky-footer.css HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:42 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 137
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
52.89.255.30 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QUxCAF+6fpuW9dx3ck+jrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7GgbtTH+gN43IxribaJSuYWJxdI=
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/21006064.js
159.203.15.58 200 OK 1.7 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/21006064.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1735), with no line terminators
Hash 9bf57e26660b2aa5d23477b533c74fd7
0f6ad66b400f01e1e32f2d586e5b60476e3dfa91
518d16ac02487f5e18c5f301e9ff50976c1bf458e3c416e380fc3c73f6667e9c
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/21006064.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:42 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1735
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/21006064_002.js
159.203.15.58 200 OK 1.1 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/21006064_002.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash d51d57187870a8a1de69e179d0feaa4a
0edc7cb602df552ed99354611d8035df845dbdd1
ab6e33124ca88c96695d13345c050b5edd134f6307564896098ded6c6515a1a5
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/21006064_002.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:42 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1141
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
159.203.15.58 200 OK 285 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text, exported SGML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (51698), with CRLF line terminators
Size 285 kB (284981 bytes)
Hash c26865ed096ff44d1ca4377bfe312eb0
87d499530993586968d43458e7b6c9ed9be43ecc
e237080b6495793b802f408a3fafd1318ef847cd110116bcde540ed8bed1024e
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/ HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:41 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/theme.css
159.203.15.58 200 OK 43 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/theme.css
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1137)
Hash 92225defe6c529ac9742889e6ee9d36c
81e1f32202a839d131e4949a3e402deeff66bd70
1c502e3d288f7df16d00544f339a1ca477aac77fa27c819592f7b865591b9442
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
GET /KNYGHT/1/theme.css HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:42 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 42975
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/clarity.js
159.203.15.58 200 OK 55 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/clarity.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (54745)
Hash c238c096f4ff077be41b8296711e8641
a50be06611656993022a860865c30f85e8ff7832
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/clarity.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:42 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 54832
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/f_002.txt
159.203.15.58 200 OK 2.3 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/f_002.txt
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2303), with no line terminators
Hash e63f37169382824b01725a02b3fe2ad6
2ea785c319a6cdd9f34a6b52d251e081623336ef
967a5776ea4b713f6a5473794e2222411a288d98b354aeec49ce2cb7cbe4e054
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/f_002.txt HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 2303
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/plain
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/f.txt
159.203.15.58 200 OK 42 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/f.txt
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1623)
Hash 054a78c014642c955c27626be2d8134b
b1820e69abd79548525fe90d9e114acc249327a8
194e7b2883c824a3e1de387cb2e99e8f2912925b89c7663bd7dd868fd1aba26a
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/f.txt HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:42 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 41958
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/plain
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/main.55e552f9.js
159.203.15.58 200 OK 54 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/main.55e552f9.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (54284), with no line terminators
Hash c705fdcc9a56806c2ec8752d806173df
49f9713291403377abc7004f70508e95e5bfc9c4
ecf5185587dc584318775956d242115534ec7d928758081c0f9a1e3f97992508
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/main.55e552f9.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 54294
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/scevent.min.js
159.203.15.58 200 OK 23 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/scevent.min.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (22702), with no line terminators
Hash 23a51b16831efcf4fe0caaf0b12342a2
0564115194f59fabdf49da5d2b8f323ba1eddc86
b1c8384f493600f8ca471b69029eb14dc4a9b7e4070305c2f418752d0fc4ceef
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/scevent.min.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 22702
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/bootstrap.min.css
159.203.15.58 200 OK 122 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/bootstrap.min.css
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (64985)
Size 122 kB (122482 bytes)
Hash 6439ff95f4b0d95bf8ba1897c19eab2c
63e64f9cdb0033dcc836be4f59a710875ef34ad6
f4bbc1d72d017bef7a1d71c52e952861b92178cc2dd5378592eb875dfdae9b66
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
GET /KNYGHT/1/bootstrap.min.css HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:42 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 122482
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/pixel.js
159.203.15.58 200 OK 25 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/pixel.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (25224)
Hash 1a42767ea6f6e5498e665d394486e413
f2c8f17c515ba67719cf8c563b972a01ee08cd57
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/pixel.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 25225
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/uwt.js
159.203.15.58 200 OK 57 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/uwt.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (57443), with no line terminators
Hash d4de8398858246712016031c834bb061
49709126e0fcb914a62f3255ae3ffe45a3fbe0ae
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/uwt.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 57443
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/core.js
159.203.15.58 200 OK 1.1 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/core.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1142), with no line terminators
Hash b06b4e6cb1f66b46eb000478658c5236
e6a12798819f7512b3dc773b5abe637bf6c2491e
5afc363b68106631c9744da4953b7f123c67bb28f07e85c21e97d06c439a093a
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/core.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1142
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
tr.snapchat.com/log/error
35.190.43.134 200 OK 0 B URL HTTP/2 tr.snapchat.com/log/error
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log/error HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------32762227195209387912926040932
Content-Length: 1168
Origin: http://www.tracking-usps-search-products-track-package.mypop3.org
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:34:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f2da40ba65d4045b07f6b12034d69f17
c18e7ef75fbbc9a5e77e6c3aa100631015783378
3ba8a824a940a0a283033a401ed71e71f2268ab98f1825895ae051ae8726fd87
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3609
Cache-Control: max-age=134072
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:43 GMT
Etag: "63830862-1d7"
Expires: Tue, 29 Nov 2022 07:49:15 GMT
Last-Modified: Sun, 27 Nov 2022 06:49:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/bat.js
159.203.15.58 200 OK 39 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/bat.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 16911c194f6e9313655f07c4eb9d8737
d39ccfa8c6d785af331afafe9e36336031f41b64
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/bat.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 38827
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/fbevents.js
159.203.15.58 200 OK 103 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/fbevents.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (64348)
Size 103 kB (102880 bytes)
Hash e61c2ad4afdaf056d9fcbbef6171d5d4
cd5f9eb9f949d9df3ccc612aef7488323d47453d
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/fbevents.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 102880
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/analytics.js
159.203.15.58 200 OK 50 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/analytics.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1325)
Hash d40531c5e99a6f84e42535859476fe35
a901817d77b2fe5259c298c91bc65c54d7f8a1a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/analytics.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 50205
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/533374513433337.js
159.203.15.58 200 OK 300 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/533374513433337.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (64471)
Size 300 kB (299569 bytes)
Hash 0a2cbee261f2e425bff7fc07d7f9ca3d
9221089d50eaffb6e91a0ea72f959b8179f3ebde
610928101a7f43c8867aa36e558ab9e8ed2b7317146ef07e8a71d94138eab021
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/533374513433337.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 299569
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/jquery-3.4.1.min.js
159.203.15.58 200 OK 88 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/jquery-3.4.1.min.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65451)
Hash 220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/jquery-3.4.1.min.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 88145
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/sed-usps-70fc8edc.js
159.203.15.58 200 OK 440 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/sed-usps-70fc8edc.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65377)
Size 440 kB (439984 bytes)
Hash 792c586a531d21d8d0565ef7cc144fcc
3abd016b653221a9542d928edc4e7e367cf4593e
8ead63f0da0ecd7d0361b001e86ee1c27c3bcdf4e96c91b6b2d820d82ca60c64
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/sed-usps-70fc8edc.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 439984
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/js
159.203.15.58 200 OK 212 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (18593)
Size 212 kB (212366 bytes)
Hash 198e11ba8d5140ffd7a18000230b3094
ae3d41b988d6fb4f3709bd8a9b62543acf7e167d
dbc124cfe687c3d589a94bc29f64ca1b60e3254e91d14b0ddaf09fa6f3c46d6e
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 212366
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/bootstrap.min.js
159.203.15.58 200 OK 37 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/bootstrap.min.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32004)
Hash 3ce14f06108f17762e1ca97f4e1562c0
379364d99c41f21065bbce52e6155647dd68bf90
b74f3607fed740eb63f0e6a651c4830b1ce196abdcd8b1f65e2cf94a79439fff
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/bootstrap.min.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 37055
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 17a4fbf35710e5a6012519878ac76b10
d83f5813e680c07aa1496c0694c6bb7cc107d62a
5afe841f4c75f352e2761102787a6cf2dd3876950337c1afc9e0833f3e335323
GET /gtm.js?id=GTM-MVCC8H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 27 Nov 2022 18:34:43 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/jquery.blockUI.js
159.203.15.58 200 OK 10 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/jquery.blockUI.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1108)
Hash 50dc82a6bccb47056ff0e7ba58444757
70c38af19b6102b82ea3ed8ed2a944cc5b9cc4ef
9042406f497a91162205ae6bba16ca4b34af374324dae0396ca70150015bebd1
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/jquery.blockUI.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 10504
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/login.js
159.203.15.58 200 OK 19 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/login.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (535)
Hash 60341cd3683c3c2bce33b9da62b8bb8f
6474c9bcc1a5ecf9cbbec3656a0f78ce9f2f5aa2
26ea841346681f2f201cd4df3ae7ff7ff9689fe5fe3e0e788cf76a125b72b8f2
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/login.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 19314
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/global.js
159.203.15.58 200 OK 19 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/global.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2224)
Hash 6eff9885269f11044ece8d7b43b9c3fb
bf6fc4982b95acc976ffb26b288b04cb83b394fc
d0e2a97d2d6293ea10c291f1f1e3b3f3f2301bc0e1ea8f2f30e9d29a667df9b5
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/global.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 18696
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/ie10-viewport-bug-workaround.js
159.203.15.58 200 OK 459 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/ie10-viewport-bug-workaround.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
Hash 8421afc5cbaa78de3e030108193ec566
9bcfb9e76a9c0d2c0abf7a414108d53447eba261
238b4df98a2c023801e777788f40350c1f4ad6599af5eac43d09eff720c79c48
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/ie10-viewport-bug-workaround.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 459
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/Universal-Federated-Analytics-Min.js
159.203.15.58 200 OK 19 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/Universal-Federated-Analytics-Min.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type C source, ASCII text, with very long lines (548)
Hash 9e1b714f83b726462a83db0033bac6db
d730ff339fc2379a66e33f981d5c86eea12d932b
456e60679a0853b3c885219ac1b8ffa4becb397615e2af7c5b3d8051241f569f
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/Universal-Federated-Analytics-Min.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 18764
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/gtm_002.js
159.203.15.58 200 OK 290 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/gtm_002.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (62521)
Size 290 kB (289757 bytes)
Hash b9797d4c2161842c0a42c1fb6093244e
b304c05c845553d434e2ff273bc5f83fdd93b420
ff69abdea31a7a5162efff18ad248b25b565c479d71de5bace46d1d330a1a1e0
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/gtm_002.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 289757
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/gtm.js
159.203.15.58 200 OK 595 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/gtm.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65324)
Size 595 kB (595232 bytes)
Hash ef02b258cb77519b8cf828636c582def
4c55898c2c48cee49bd6f13b31b320273dea1d0e
dca37231c4e9dace9bbce9aa5c2d33a4d59ef6557685a817f56f8dd9d563eb50
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/gtm.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 595232
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/embed.js
159.203.15.58 200 OK 1.6 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/embed.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (444)
Hash 71c3f4a1ab4918e732829f77026e76db
ac96d5a9a18b01c070665e8892df8001c3b9c0ae
85b0f3cd06a802ecc9327dd4b40155a92ebc4447459660910e579482cf9b1e87
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/embed.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1568
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/js_002
159.203.15.58 200 OK 162 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/js_002
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1825)
Size 162 kB (162143 bytes)
Hash c1e6d2af96187dc8169f15477e2ba4e7
326b9c97acd65d784003c326d2e79e1b6f6e1071
a5dfefdfae782213f00b7d7cf2d96a0dfca54a6df79a7f24817e1e1b684ce192
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/js_002 HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 162143
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
www.tracking-usps-search-products-track-package.mypop3.org/__imp_apg__/js/sed-usps-70fc8edc.js
159.203.15.58 404 Not Found 315 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/__imp_apg__/js/sed-usps-70fc8edc.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /__imp_apg__/js/sed-usps-70fc8edc.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: _clck=1sizi3s|1|f6x|0
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
159.203.15.58 404 Not Found 315 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/usps-fonts.css
Cookie: _clck=1sizi3s|1|f6x|0
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff
159.203.15.58 404 Not Found 315 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/usps-fonts.css
Cookie: _clck=1sizi3s|1|f6x|0
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
159.203.15.58 404 Not Found 315 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/usps-fonts.css
Cookie: _clck=1sizi3s|1|f6x|0
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/ajax-loader-t.gif
159.203.15.58 200 OK 3.2 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/ajax-loader-t.gif
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 32 x 32\012- data
Hash b9f5558507d20d1501a945f9bc0f4ce4
672975a0c049de369b02bd1b5ce0820fd5d9832d
d2a3b54eecee14be7278f861de0d7d95509321f0a28fd18052334cbbd369201a
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
GET /KNYGHT/1/ajax-loader-t.gif HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 3208
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/generic1658346138978.js
159.203.15.58 200 OK 408 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/generic1658346138978.js
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (50708)
Size 408 kB (408458 bytes)
Hash 4384210c1d0e40bc75d1627a0ee01eeb
000d0cf08cb888a1a9c93b4cbe5735fdf6917e98
98451f63814b2ed01f0411fba8d064dbfcd83d94d8dfd7c788a7e43118d22436
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/generic1658346138978.js HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 408458
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/des_brd_2color_logo_274x79.png
159.203.15.58 200 OK 7.2 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/des_brd_2color_logo_274x79.png
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 274 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 7540a3abf4dc11dcbd1d381523956ad4
c634a237fb86e9eb6efe396bc5dd1548956c338f
194aeec3c0a28672905ad28fc88a464c2db67ab4277b1d29c3e5275013f2c638
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
GET /KNYGHT/1/des_brd_2color_logo_274x79.png HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 7177
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/logo-mini-sb.png
159.203.15.58 200 OK 24 kB URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/logo-mini-sb.png
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 135 x 16, 8-bit/color RGBA, non-interlaced
Hash 43707dd65a8c8ec7754b7b45fd483488
f258a5de57dfa37baf13296da6055e8f8881d742
585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
GET /KNYGHT/1/logo-mini-sb.png HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:43 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 23625
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8549
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 18:34:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 74587
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 74676
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 74583
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I6egDH0h7D08HhaoQHQ0vgghBhPfje2lGIbnWD-t7p4txzHsFxmZfg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 16:15:23 GMT
age: 8361
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 60476
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/adsct.gif
159.203.15.58 200 OK 43 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/adsct.gif
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
GET /KNYGHT/1/adsct.gif HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:44 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 4e97baa4851785eac92c719abf481c64
c32a57038d3cdbc514c9081c9938eca6a04fb481
adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8387
x-amzn-requestid: e4ce369f-7654-4c1a-94c2-70c913eb1a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFL0tEcqIAMFXHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec01d-37bd969f4cdfe220096b8c1f;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:51:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: __2hrJIdzCKzhuJ_YfbSSfz-WwyIqnPugk7P6SuYSjn6b2wwm0otCw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 20:58:18 GMT
age: 77786
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1401700802&t=pageview&_s=1&dl=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAQABEAAAAC~&jid=1054740696&gjid=137026541&cid=1771088927.1669574084&tid=UA-33523145-1&_gid=1655018333.1669574084&_r=1&cd1=unspecified%3Atracking-usps-search-products-track-package.mypop3.org&cd2=unspecified%3Atracking-usps-search-products-track-package.mypop3.org%20-%20tracking-usps-search-products-track-package.mypop3.org&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Atracking-usps-search-products-track-package.mypop3.org&cd5=unspecified%3Atracking-usps-search-products-track-package.mypop3.org&cd6=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=http%3A&z=1285809785
142.250.74.174 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1401700802&t=pageview&_s=1&dl=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAQABEAAAAC~&jid=1054740696&gjid=137026541&cid=1771088927.1669574084&tid=UA-33523145-1&_gid=1655018333.1669574084&_r=1&cd1=unspecified%3Atracking-usps-search-products-track-package.mypop3.org&cd2=unspecified%3Atracking-usps-search-products-track-package.mypop3.org%20-%20tracking-usps-search-products-track-package.mypop3.org&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Atracking-usps-search-products-track-package.mypop3.org&cd5=unspecified%3Atracking-usps-search-products-track-package.mypop3.org&cd6=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=http%3A&z=1285809785
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&aip=1&a=1401700802&t=pageview&_s=1&dl=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAQABEAAAAC~&jid=1054740696&gjid=137026541&cid=1771088927.1669574084&tid=UA-33523145-1&_gid=1655018333.1669574084&_r=1&cd1=unspecified%3Atracking-usps-search-products-track-package.mypop3.org&cd2=unspecified%3Atracking-usps-search-products-track-package.mypop3.org%20-%20tracking-usps-search-products-track-package.mypop3.org&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Atracking-usps-search-products-track-package.mypop3.org&cd5=unspecified%3Atracking-usps-search-products-track-package.mypop3.org&cd6=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=http%3A&z=1285809785 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.tracking-usps-search-products-track-package.mypop3.org
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.tracking-usps-search-products-track-package.mypop3.org
date: Sun, 27 Nov 2022 18:34:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.230.82.240 200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (27639), with no line terminators
Hash 6d231d01533de87f1978527ff1582e85
2681a231f71539018d1e7ef81b21035159e70067
dd8eda4130a189c4da20100752803ccb737e26f5c93f97f8db822f29f545be19
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11968
server: CloudFront
date: Sun, 27 Nov 2022 18:34:44 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Mon, 28 Nov 2022 18:00:32 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vJwzXDb3EmZQEfOLpItfFe88vGgvYkKBMUofoBlci6LIle0ArJJpIg==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
142.250.74.168 200 OK 131 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
IP 142.250.74.168:0
File type ASCII text, with very long lines (65324)
Size 131 kB (131027 bytes)
Hash 9fc46facd23c66b2d934383f39cad1da
2c284a7004e4a1aa534d927a25d533e186a4461f
a7fd4b4335327759d9777dd690f93751b411240e9d7d7700476f01a9eae0dd66
GET /gtm.js?id=GTM-MVCC8H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 18:34:44 GMT
expires: Sun, 27 Nov 2022 18:34:44 GMT
cache-control: private, max-age=900
last-modified: Sun, 27 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 131027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
159.203.15.58 404 Not Found 315 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/usps-fonts.css
Cookie: _clck=1sizi3s|1|f6x|0; _ga=GA1.3.1771088927.1669574084; _gid=GA1.3.1655018333.1669574084; _gat_GSA_ENOR0=1
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 18:34:44 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
159.203.15.58 404 Not Found 315 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/usps-fonts.css
Cookie: _clck=1sizi3s|1|f6x|0; _ga=GA1.3.1771088927.1669574084; _gid=GA1.3.1655018333.1669574084; _gat_GSA_ENOR0=1
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 18:34:44 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
159.203.15.58 404 Not Found 315 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/usps-fonts.css
Cookie: _clck=1sizi3s|1|f6x|0; _ga=GA1.3.1771088927.1669574084; _gid=GA1.3.1655018333.1669574084; _gat_GSA_ENOR0=1
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 18:34:44 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/0
159.203.15.58 404 Not Found 315 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/0
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/0 HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: _clck=1sizi3s|1|f6x|0; _ga=GA1.3.1771088927.1669574084; _gid=GA1.3.1655018333.1669574084; _gat_GSA_ENOR0=1
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 18:34:44 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.redditstatic.com/ads/pixel.js
151.101.85.140 200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:34:44 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/pixel.htm
159.203.15.58 200 OK 108 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/KNYGHT/1/pixel.htm
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 67c58a38087e1a243fd14984f663b520
d39158107e8711b6d9fbe13be4a3a3156f571e08
ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
GET /KNYGHT/1/pixel.htm HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: _clck=1sizi3s|1|f6x|0; _ga=GA1.3.1771088927.1669574084; _gid=GA1.3.1655018333.1669574084; _gat_GSA_ENOR0=1; _gcl_au=1.1.917398913.1669574084
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:34:44 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 108
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html
static.ads-twitter.com/uwt.js
151.101.84.157 200 OK 15 kB URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 15375
Last-Modified: Thu, 27 Oct 2022 18:55:37 GMT
Cache-Control: no-cache
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
Accept-Ranges: bytes
Date: Sun, 27 Nov 2022 18:34:44 GMT
X-Served-By: cache-iad-kjyo7100147-IAD, cache-bma1646-BMA
X-Cache: HIT, HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
bat.bing.com/bat.js
204.79.197.200 200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11421
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 09 Nov 2022 21:23:50 GMT
Accept-Ranges: bytes
ETag: "077538f81f4d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=31451FE1333767BD367C0D8832C2660B; domain=.bing.com; expires=Fri, 22-Dec-2023 18:34:44 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 356398328E2C4939A38D728A56FC0994 Ref B: OSL30EDGE0209 Ref C: 2022-11-27T18:34:44Z
Date: Sun, 27 Nov 2022 18:34:44 GMT
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1def611ed1604b222e2c1b4e5b4dbbb3
efab3f910adb2498ed4aa794df938959e861b0f1
e455592a25ecac760d03d4ca2ff3ec5a74332ff8e4d9d38384390a20d3e959f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2421
Cache-Control: max-age=104439
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Etag: "63829946-1d7"
Expires: Mon, 28 Nov 2022 23:35:23 GMT
Last-Modified: Sat, 26 Nov 2022 22:55:02 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: w7RXAT35OQ448EIG/pWlmb311PlEpTccXlC+P3qk++b/LhPSOXtRdPopCkF5BjhUZrb5fTZGq8o410Nl3GcvgA==
content-length: 27340
x-fb-trip-id: 1904183273
date: Sun, 27 Nov 2022 18:34:44 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 49fa887d00060254b5ea7c2f6be5052b
f62da10bc73e87552ecaf8c92c2af5b827644b5a
f8773720e1dea7c49ec5d14e460060d458bd7cc0cc0abbb56d94c37ba5d6a524
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
142.250.74.164 200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash ccc839aae3b4ff22e82de9305c51746b
f646be3ede92e09d1e26bf47bf5be59fe70b34ee
0873ef0f0234ff4f2d47c5764d96646140964f2d030d213e9a96f727e27c699f
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 27 Nov 2022 18:34:44 GMT
expires: Sun, 27 Nov 2022 18:34:44 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6657920381332615615
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15184
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 18:34:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1def611ed1604b222e2c1b4e5b4dbbb3
efab3f910adb2498ed4aa794df938959e861b0f1
e455592a25ecac760d03d4ca2ff3ec5a74332ff8e4d9d38384390a20d3e959f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2421
Cache-Control: max-age=104439
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Etag: "63829946-1d7"
Expires: Mon, 28 Nov 2022 23:35:23 GMT
Last-Modified: Sat, 26 Nov 2022 22:55:02 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
s.pinimg.com/ct/core.js
23.38.200.197 200 OK 1.1 kB IP 23.38.200.197:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash 8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google.co.in/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163 200 OK 42 B URL HTTP/2 www.google.co.in/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 18:34:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.55e552f9.js
23.38.200.197 200 OK 19 kB URL HTTP/2 s.pinimg.com/ct/lib/main.55e552f9.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (54284), with no line terminators
Hash 84c1602180f73853dc1e35f7296bdf7d
40aea44ea928e8d539381759b791f5c70f6d4c82
6b2faea09b5d5015a36ab4300e1034e1907895b40249e5fd11b42a66fbd21dac
GET /ct/lib/main.55e552f9.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "84c1602180f73853dc1e35f7296bdf7d"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 18601
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=1771088927.1669574084&jid=1187382580&gjid=1200007840&_gid=1655018333.1669574084&_u=aGDAiUABFAAAAG~&z=2009159958
142.251.1.156 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=1771088927.1669574084&jid=1187382580&gjid=1200007840&_gid=1655018333.1669574084&_u=aGDAiUABFAAAAG~&z=2009159958
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=1771088927.1669574084&jid=1187382580&gjid=1200007840&_gid=1655018333.1669574084&_u=aGDAiUABFAAAAG~&z=2009159958 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.tracking-usps-search-products-track-package.mypop3.org
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.tracking-usps-search-products-track-package.mypop3.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 27 Nov 2022 18:34:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 49fa887d00060254b5ea7c2f6be5052b
f62da10bc73e87552ecaf8c92c2af5b827644b5a
f8773720e1dea7c49ec5d14e460060d458bd7cc0cc0abbb56d94c37ba5d6a524
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Sun, 27 Nov 2022 18:22:56 GMT
Expires: Sun, 27 Nov 2022 20:22:56 GMT
Cache-Control: public, max-age=7200
Age: 708
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1669574083753
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1669574083753
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1669574083753 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
content-type: image/gif
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:34:44 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.clarity.ms/eus2-e/s/0.6.40/clarity.js
13.107.238.53 404 Not Found 0 B URL HTTP/2 www.clarity.ms/eus2-e/s/0.6.40/clarity.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eus2-e/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
x-cache: CONFIG_NOCACHE
x-azure-ref: 0xK2DYwAAAADVJscueWU9Q4kWEEaD9zpuQ1BIMzBFREdFMDQxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 27 Nov 2022 18:34:44 GMT
content-length: 0
X-Firefox-Spdy: h2
alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1669574083996
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1669574083996
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1669574083996 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Varnish
retry-after: 0
content-type: image/gif
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:34:44 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/21006064
13.107.238.53 200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/21006064
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tag/uet/21006064 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public,max-age=86400
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
x-cache: CONFIG_NOCACHE
x-azure-ref: 0xK2DYwAAAAAi0xCq1pDdS7r226tbEAU3Q1BIMzBFREdFMDQxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 27 Nov 2022 18:34:44 GMT
content-length: 0
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669574084261
151.101.84.84 200 OK 381 B URL HTTP/2 ct.pinterest.com/user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669574084261
IP 151.101.84.84:0
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash e1bee89eff7a40b07cdecf34867bbb2d
22ff8dc4102ec9e1096b1044ac4a42120d505cfd
ddcde22b896fc7d2691810c1463ab90c033f295c5322a1dc607e7b700207c1dd
GET /user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669574084261 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.tracking-usps-search-products-track-package.mypop3.org
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVlUaGpNak13WW1VdE5EVXhaUzAwWmpNeUxUazJOakV0WWpabE4yWXhaamcxTTJReQ
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: http://www.tracking-usps-search-products-track-package.mypop3.org
content-type: application/json; charset=utf-8
content-encoding: gzip
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1393551808263001
date: Sun, 27 Nov 2022 18:34:44 GMT
x-cdn: fastly
content-length: 381
X-Firefox-Spdy: h2
reg.usps.com/entreg/favicon.ico
192.229.221.165 200 OK 1.2 kB URL HTTP/2 reg.usps.com/entreg/favicon.ico
IP 192.229.221.165:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 178819cc32a7774822e3550c57cd20aa
c8050ec440e8cc1367a6115934edc0bf94a0d343
8565aaa87282f585b8a021ee0e693f662eb179df62890d01e086cc9f23dec1d2
GET /entreg/favicon.ico HTTP/1.1
Host: reg.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
age: 58722
cache-control: no-cache
content-type: image/x-icon
date: Sun, 27 Nov 2022 18:34:44 GMT
etag: "47e-5ea5d077c5480"
expires: Sun, 27 Nov 2022 18:34:44 GMT
last-modified: Thu, 06 Oct 2022 12:42:42 GMT
server: ECAcc (dcb/7F0E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, DENY
x-ruleset-version: 2.5
content-length: 1150
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669574084268
151.101.84.84 200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669574084268
IP 151.101.84.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669574084268 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 7222699577076629
date: Sun, 27 Nov 2022 18:34:45 GMT
x-cdn: fastly
content-length: 35
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669574084269
151.101.84.84 200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669574084269
IP 151.101.84.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669574084269 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
referrer-policy: origin
x-pinterest-rid: 1675335660474811
date: Sun, 27 Nov 2022 18:34:45 GMT
x-cdn: fastly
content-length: 35
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=21006064&Ver=2&mid=928f245f-7350-42e2-a55a-9d27f185b019&sid=29adf5206e8211edb30e579f517a0d66&vid=29ae30606e8211edac2c518762c092f9&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=2833&evt=pageLoad&sv=1&rn=551527
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=21006064&Ver=2&mid=928f245f-7350-42e2-a55a-9d27f185b019&sid=29adf5206e8211edb30e579f517a0d66&vid=29ae30606e8211edac2c518762c092f9&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=2833&evt=pageLoad&sv=1&rn=551527
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=21006064&Ver=2&mid=928f245f-7350-42e2-a55a-9d27f185b019&sid=29adf5206e8211edb30e579f517a0d66&vid=29ae30606e8211edac2c518762c092f9&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=2833&evt=pageLoad&sv=1&rn=551527 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=151E4362A9636C5E0BF7510BA8346DD7; domain=.bing.com; expires=Fri, 22-Dec-2023 18:34:45 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BA313A05D0B5497BA585AFF363453972 Ref B: OSL30EDGE0306 Ref C: 2022-11-27T18:34:45Z
date: Sun, 27 Nov 2022 18:34:44 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1669574084252&cv=9&fst=1669574084252&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=917398913.1669574084&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.130 200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1669574084252&cv=9&fst=1669574084252&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=917398913.1669574084&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2613), with no line terminators
Hash 09e5efaf3cb43ee5845c4de6e90c6aa8
8cc956dca7479a490f9e9b1185c9d6f563dda722
f9d011f2fa9b1013e06ee9409eb05694040dbdbc69751d721c5fb799d07c7679
GET /pagead/viewthroughconversion/978081151/?random=1669574084252&cv=9&fst=1669574084252&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=917398913.1669574084&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 18:34:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1112
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 27-Nov-2022 18:49:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/21006064.js
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/21006064.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/21006064.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=291FD96CD52662C224B3CB05D47163FB; domain=.bing.com; expires=Fri, 22-Dec-2023 18:34:45 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FB6D37B495854BC0AB22F08BB3E7C6E5 Ref B: OSL30EDGE0306 Ref C: 2022-11-27T18:34:45Z
date: Sun, 27 Nov 2022 18:34:44 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1669574084249&cv=9&fst=1669574084249&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=917398913.1669574084&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.130 200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1669574084249&cv=9&fst=1669574084249&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=917398913.1669574084&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2613), with no line terminators
Hash d2e340edcc67df1445ca0f249724747b
f5a317a20137e63b84ef25b3ed606b0b8958f32a
eeaeac0735d9fe4935eb431653f5c1559d56e101b6b37a3a58217951e18d7386
GET /pagead/viewthroughconversion/978081151/?random=1669574084249&cv=9&fst=1669574084249&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=917398913.1669574084&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 18:34:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1115
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 27-Nov-2022 18:49:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.9a94ee76.js
23.38.200.197 200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.9a94ee76.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Hash e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98
GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20728
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1669574084204&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=3de5f1a2-2510-4566-80b6-d191047f9aa9&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1669574084204&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=3de5f1a2-2510-4566-80b6-d191047f9aa9&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1669574084204&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=3de5f1a2-2510-4566-80b6-d191047f9aa9&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:34:45 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1669574084205&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=3de5f1a2-2510-4566-80b6-d191047f9aa9&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1669574084205&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=3de5f1a2-2510-4566-80b6-d191047f9aa9&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1669574084205&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=3de5f1a2-2510-4566-80b6-d191047f9aa9&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:34:45 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
104.110.27.57 200 OK 528 B URL HTTP/2 resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
IP 104.110.27.57:0
File type ASCII text, with very long lines (587)
Hash ba47dc22c85b2810f933d60dc6cdd7c2
4ab2b832c2e93fbd1a330cd778b6c1ee6c17f059
471e8d8f409f6d3c8cd58595efdef041824bdec42ca7471575f9a8fe584970eb
GET /wdcgov/2/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-gov.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aPIF75l5BAs6a1sfhKNwgzjYRF06IXGuTvHbRzACLq7hJ/E7URST2rnsGff1l2cayeSTiDz1T/4=
x-amz-request-id: K9GRAMGP4R9MSGHT
last-modified: Mon, 21 Nov 2022 22:06:12 GMT
etag: "6dd5d024cbc3fe06f0b61243fbf20b4c"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 27 Nov 2022 18:34:45 GMT
content-length: 528
access-control-max-age: 86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
bat.bing.com/actionp/0?ti=21006064&Ver=2&mid=928f245f-7350-42e2-a55a-9d27f185b019&sid=29adf5206e8211edb30e579f517a0d66&vid=29ae30606e8211edac2c518762c092f9&vids=1&msclkid=N&evt=dedup
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/actionp/0?ti=21006064&Ver=2&mid=928f245f-7350-42e2-a55a-9d27f185b019&sid=29adf5206e8211edb30e579f517a0d66&vid=29ae30606e8211edac2c518762c092f9&vids=1&msclkid=N&evt=dedup
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /actionp/0?ti=21006064&Ver=2&mid=928f245f-7350-42e2-a55a-9d27f185b019&sid=29adf5206e8211edb30e579f517a0d66&vid=29ae30606e8211edac2c518762c092f9&vids=1&msclkid=N&evt=dedup HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.tracking-usps-search-products-track-package.mypop3.org
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=02BF7B978E64637518FB69FE8F3362BA; domain=.bing.com; expires=Fri, 22-Dec-2023 18:34:45 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A41D3EFBC7DD436895284C189D3D0D2E Ref B: OSL30EDGE0306 Ref C: 2022-11-27T18:34:45Z
date: Sun, 27 Nov 2022 18:34:44 GMT
X-Firefox-Spdy: h2
k.clarity.ms/collect
20.96.88.162 204 No Content 0 B IP 20.96.88.162:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: k.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3906
Origin: http://www.tracking-usps-search-products-track-package.mypop3.org
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin: http://www.tracking-usps-search-products-track-package.mypop3.org
access-control-allow-credentials: true
date: Sun, 27 Nov 2022 18:34:44 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=533374513433337&ev=PageView&dl=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1669574084897&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669574084895.819975885&it=1669574084275&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=533374513433337&ev=PageView&dl=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1669574084897&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669574084895.819975885&it=1669574084275&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=533374513433337&ev=PageView&dl=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1669574084897&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669574084895.819975885&it=1669574084275&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Nov 2022 18:34:45 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/978081151/?random=1669574084252&cv=9&fst=1669572000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=2309150288&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/978081151/?random=1669574084252&cv=9&fst=1669572000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=2309150288&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1669574084252&cv=9&fst=1669572000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=2309150288&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 18:34:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/978081151/?random=1669574084249&cv=9&fst=1669572000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=3073762877&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/978081151/?random=1669574084249&cv=9&fst=1669572000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=3073762877&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1669574084249&cv=9&fst=1669572000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tracking-usps-search-products-track-package.mypop3.org%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=3073762877&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 18:34:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:34:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ct.pinterest.com/ct.html
151.101.84.84 200 OK 323 B IP 151.101.84.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
x-envoy-upstream-service-time: 17
referrer-policy: origin
x-pinterest-rid: 1611049979668173
date: Sun, 27 Nov 2022 18:34:45 GMT
x-cdn: fastly
content-length: 323
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27 302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=2906200926FE463980115889C9F28F68&RedC=c.clarity.ms&MXFR=374C1DABBEF76D140BAC0FC2BAF7633E
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=374C1DABBEF76D140BAC0FC2BAF7633E; domain=.clarity.ms; expires=Fri, 22-Dec-2023 18:34:45 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 27 Nov 2022 18:34:45 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=2906200926FE463980115889C9F28F68&RedC=c.clarity.ms&MXFR=374C1DABBEF76D140BAC0FC2BAF7633E
204.79.197.200 302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=2906200926FE463980115889C9F28F68&RedC=c.clarity.ms&MXFR=374C1DABBEF76D140BAC0FC2BAF7633E
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=2906200926FE463980115889C9F28F68&RedC=c.clarity.ms&MXFR=374C1DABBEF76D140BAC0FC2BAF7633E HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=2906200926FE463980115889C9F28F68&MUID=1266F164D45E61221C37E30DD5096097
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1266F164D45E61221C37E30DD5096097; domain=c.bing.com; expires=Fri, 22-Dec-2023 18:34:45 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 609D2C77457C4FC5A409BAE82D44933E Ref B: OSL30EDGE0306 Ref C: 2022-11-27T18:34:45Z
date: Sun, 27 Nov 2022 18:34:45 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=2906200926FE463980115889C9F28F68&MUID=1266F164D45E61221C37E30DD5096097
20.234.93.27 200 OK 143 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=2906200926FE463980115889C9F28F68&MUID=1266F164D45E61221C37E30DD5096097
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type gzip compressed data, from Unix\012- data
Hash 6e406681664fe1c30836d3737a1e7602
f2acd511f1c9d6dd8da1d1dd857c0f9572ac0c61
520fbb6f9a60fdc50aa7b2e5e02e4ef1717f3ea0137307a8428052c7091cb5f1
GET /c.gif?CtsSyncId=2906200926FE463980115889C9F28F68&MUID=1266F164D45E61221C37E30DD5096097 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 27-Nov-2022 18:44:45 GMT; path=/; SameSite=None; Secure;
date: Sun, 27 Nov 2022 18:34:45 GMT
content-length: 42
X-Firefox-Spdy: h2
www.tracking-usps-search-products-track-package.mypop3.org/__imp_apg__/api/dip/v1/dip
159.203.15.58 404 Not Found 315 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/__imp_apg__/api/dip/v1/dip
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
POST /__imp_apg__/api/dip/v1/dip HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 2220
Origin: http://www.tracking-usps-search-products-track-package.mypop3.org
Connection: keep-alive
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: _clck=1sizi3s|1|f6x|0; _ga=GA1.3.1771088927.1669574084; _gid=GA1.3.1655018333.1669574084; _gat_GSA_ENOR0=1; _gcl_au=1.1.917398913.1669574084; _ga=GA1.1.1771088927.1669574084; _gid=GA1.2.1655018333.1669574084; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1669574083.1.0.1669574083.0.0.0; mdLogger=false; kampyleUserSession=1669574084090; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _rdt_uuid=1669574084203.3de5f1a2-2510-4566-80b6-d191047f9aa9; _uetsid=29adf5206e8211edb30e579f517a0d66; _uetvid=29ae30606e8211edac2c518762c092f9; _fbp=fb.1.1669574084895.819975885; _pin_unauth=dWlkPVlUaGpNak13WW1VdE5EVXhaUzAwWmpNeUxUazJOakV0WWpabE4yWXhaamcxTTJReQ; _clsk=1q5xc49|1669574085092|1|0|k.clarity.ms/collect
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 18:34:46 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.tracking-usps-search-products-track-package.mypop3.org/__imp_apg__/api/imp/v1.0/report/?m&fq=load
159.203.15.58 404 Not Found 315 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/__imp_apg__/api/imp/v1.0/report/?m&fq=load
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
POST /__imp_apg__/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
content-type: text/plain;charset=UTF-8
Origin: http://www.tracking-usps-search-products-track-package.mypop3.org
Content-Length: 948
Connection: keep-alive
Cookie: _clck=1sizi3s|1|f6x|0; _ga=GA1.3.1771088927.1669574084; _gid=GA1.3.1655018333.1669574084; _gat_GSA_ENOR0=1; _gcl_au=1.1.917398913.1669574084; _ga=GA1.1.1771088927.1669574084; _gid=GA1.2.1655018333.1669574084; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1669574083.1.0.1669574083.0.0.0; mdLogger=false; kampyleUserSession=1669574084090; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _rdt_uuid=1669574084203.3de5f1a2-2510-4566-80b6-d191047f9aa9; _uetsid=29adf5206e8211edb30e579f517a0d66; _uetvid=29ae30606e8211edac2c518762c092f9; _fbp=fb.1.1669574084895.819975885; _pin_unauth=dWlkPVlUaGpNak13WW1VdE5EVXhaUzAwWmpNeUxUazJOakV0WWpabE4yWXhaamcxTTJReQ; _clsk=1q5xc49|1669574085092|1|0|k.clarity.ms/collect; __ts_xfdF3__=953927449; _imp_apg_r_=%7B%22_fr%22%3A10000%7D
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 18:34:46 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.tracking-usps-search-products-track-package.mypop3.org/__imp_apg__/api/imp/v1.0/report/?x
159.203.15.58 404 Not Found 315 B URL HTTP/1.1 www.tracking-usps-search-products-track-package.mypop3.org/__imp_apg__/api/imp/v1.0/report/?x
IP 159.203.15.58:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - US Postal Service
fortinet Phishing
POST /__imp_apg__/api/imp/v1.0/report/?x HTTP/1.1
Host: www.tracking-usps-search-products-track-package.mypop3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.tracking-usps-search-products-track-package.mypop3.org/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
content-type: text/plain;charset=UTF-8
Origin: http://www.tracking-usps-search-products-track-package.mypop3.org
Content-Length: 492
Connection: keep-alive
Cookie: _clck=1sizi3s|1|f6x|0; _ga=GA1.3.1771088927.1669574084; _gid=GA1.3.1655018333.1669574084; _gat_GSA_ENOR0=1; _gcl_au=1.1.917398913.1669574084; _ga=GA1.1.1771088927.1669574084; _gid=GA1.2.1655018333.1669574084; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1669574083.1.0.1669574083.0.0.0; mdLogger=false; kampyleUserSession=1669574084090; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; _rdt_uuid=1669574084203.3de5f1a2-2510-4566-80b6-d191047f9aa9; _uetsid=29adf5206e8211edb30e579f517a0d66; _uetvid=29ae30606e8211edac2c518762c092f9; _fbp=fb.1.1669574084895.819975885; _pin_unauth=dWlkPVlUaGpNak13WW1VdE5EVXhaUzAwWmpNeUxUazJOakV0WWpabE4yWXhaamcxTTJReQ; _clsk=1q5xc49|1669574085092|1|0|k.clarity.ms/collect; __ts_xfdF3__=622659820; _imp_apg_r_=%7B%22_fr%22%3A40404%7D
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 18:34:50 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1