ontime-location-mail.onelink.me/sRyk/n0t2ku
143.204.55.84 302 Found 0 B URL HTTP/1.1 ontime-location-mail.onelink.me/sRyk/n0t2ku
IP 143.204.55.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sRyk/n0t2ku HTTP/1.1
Host: ontime-location-mail.onelink.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Date: Wed, 26 Oct 2022 20:17:44 GMT
Location: https://usps-postage-mail-forwarding-html.fartit.com/?shortlink=n0t2ku&pid=SMS&af_xp=text
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: http-kit
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tmCjOpoTHZi6EI-eUk3vbPQ8OK3kwa8AvXkwKU49jqsQ0AyA33eIWw==
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13344
Expires: Thu, 27 Oct 2022 00:00:08 GMT
Date: Wed, 26 Oct 2022 20:17:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5701
Cache-Control: max-age=139699
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:44 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:06:03 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1036
Cache-Control: max-age=135034
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:44 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 09:48:18 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6095
Expires: Wed, 26 Oct 2022 21:59:19 GMT
Date: Wed, 26 Oct 2022 20:17:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0CtknFz7WLe4qCbgb49UafFCOnIk4T73OAhso2YRfPFEXzcduvc6Z2XnHEDCSkUlwWSCqU526tc=
x-amz-request-id: RHNGPNYXZ4QAZA3X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 19:39:19 GMT
age: 2305
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 20:17:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4813
Cache-Control: max-age=133755
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:45 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:27:00 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
usps-postage-mail-forwarding-html.fartit.com/?shortlink=n0t2ku&pid=SMS&af_xp=text
146.190.217.48 302 Found 0 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/?shortlink=n0t2ku&pid=SMS&af_xp=text
IP 146.190.217.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /?shortlink=n0t2ku&pid=SMS&af_xp=text HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Wed, 26 Oct 2022 20:17:44 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; path=/
Location: USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
44.228.207.167 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.207.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H5FlZq05D3qP95KZEHNHyw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VOnFVbXBpKWS1JU/np55dec/ceo=
usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
146.190.217.48 200 OK 285 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (51698), with CRLF line terminators
Size 285 kB (284981 bytes)
Hash c26865ed096ff44d1ca4377bfe312eb0
87d499530993586968d43458e7b6c9ed9be43ecc
e237080b6495793b802f408a3fafd1318ef847cd110116bcde540ed8bed1024e
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/ HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/usps-fonts.css
146.190.217.48 200 OK 3.3 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/usps-fonts.css
IP 146.190.217.48:0
File type CSV text, ASCII text, with very long lines (548)
Hash ff5f1d5d8680597b16dec4776536ab4b
f008371165d6a1c6a792347ecee106d8ba81a6f2
105e974d53f06bd2dab2baaa2e8da20812ec7d132fd0e86bb27e16b8238cf457
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/usps-fonts.css HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 3271
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/bootstrap-sticky-footer.css
146.190.217.48 200 OK 137 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/bootstrap-sticky-footer.css
IP 146.190.217.48:0
File type ASCII text, with no line terminators
Hash 46ca0541d17fb74860b13bddfb40dd53
e5f10c720b7556798ace107f6ca704241676460c
bb0e5cffa99e8c888c9acd59e3f6e929ff885f7e255b1af639f5d49dc61e2b32
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bootstrap-sticky-footer.css HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 137
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/21006064.js
146.190.217.48 200 OK 1.7 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/21006064.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1735), with no line terminators
Hash 9bf57e26660b2aa5d23477b533c74fd7
0f6ad66b400f01e1e32f2d586e5b60476e3dfa91
518d16ac02487f5e18c5f301e9ff50976c1bf458e3c416e380fc3c73f6667e9c
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/21006064.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1735
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/21006064_002.js
146.190.217.48 200 OK 1.1 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/21006064_002.js
IP 146.190.217.48:0
File type ASCII text, with CRLF line terminators
Hash d51d57187870a8a1de69e179d0feaa4a
0edc7cb602df552ed99354611d8035df845dbdd1
ab6e33124ca88c96695d13345c050b5edd134f6307564896098ded6c6515a1a5
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/21006064_002.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1141
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/f.txt
146.190.217.48 200 OK 42 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/f.txt
IP 146.190.217.48:0
File type ASCII text, with very long lines (1623)
Hash 054a78c014642c955c27626be2d8134b
b1820e69abd79548525fe90d9e114acc249327a8
194e7b2883c824a3e1de387cb2e99e8f2912925b89c7663bd7dd868fd1aba26a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/f.txt HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 41958
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/plain
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/f_002.txt
146.190.217.48 200 OK 2.3 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/f_002.txt
IP 146.190.217.48:0
File type ASCII text, with very long lines (2303), with no line terminators
Hash e63f37169382824b01725a02b3fe2ad6
2ea785c319a6cdd9f34a6b52d251e081623336ef
967a5776ea4b713f6a5473794e2222411a288d98b354aeec49ce2cb7cbe4e054
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/f_002.txt HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 2303
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/plain
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/clarity.js
146.190.217.48 200 OK 55 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/clarity.js
IP 146.190.217.48:0
File type Unicode text, UTF-8 text, with very long lines (54745)
Hash c238c096f4ff077be41b8296711e8641
a50be06611656993022a860865c30f85e8ff7832
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/clarity.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 54832
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/theme.css
146.190.217.48 200 OK 43 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/theme.css
IP 146.190.217.48:0
File type ASCII text, with very long lines (1137)
Hash 92225defe6c529ac9742889e6ee9d36c
81e1f32202a839d131e4949a3e402deeff66bd70
1c502e3d288f7df16d00544f339a1ca477aac77fa27c819592f7b865591b9442
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/theme.css HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 42975
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/scevent.min.js
146.190.217.48 200 OK 23 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/scevent.min.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (22702), with no line terminators
Hash 23a51b16831efcf4fe0caaf0b12342a2
0564115194f59fabdf49da5d2b8f323ba1eddc86
b1c8384f493600f8ca471b69029eb14dc4a9b7e4070305c2f418752d0fc4ceef
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/scevent.min.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 22702
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/pixel.js
146.190.217.48 200 OK 25 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/pixel.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (25224)
Hash 1a42767ea6f6e5498e665d394486e413
f2c8f17c515ba67719cf8c563b972a01ee08cd57
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/pixel.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 25225
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/bootstrap.min.css
146.190.217.48 200 OK 122 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/bootstrap.min.css
IP 146.190.217.48:0
File type ASCII text, with very long lines (64985)
Size 122 kB (122482 bytes)
Hash 6439ff95f4b0d95bf8ba1897c19eab2c
63e64f9cdb0033dcc836be4f59a710875ef34ad6
f4bbc1d72d017bef7a1d71c52e952861b92178cc2dd5378592eb875dfdae9b66
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bootstrap.min.css HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 122482
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/bat.js
146.190.217.48 200 OK 39 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/bat.js
IP 146.190.217.48:0
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 16911c194f6e9313655f07c4eb9d8737
d39ccfa8c6d785af331afafe9e36336031f41b64
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bat.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 38827
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/core.js
146.190.217.48 200 OK 1.1 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/core.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1142), with no line terminators
Hash b06b4e6cb1f66b46eb000478658c5236
e6a12798819f7512b3dc773b5abe637bf6c2491e
5afc363b68106631c9744da4953b7f123c67bb28f07e85c21e97d06c439a093a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/core.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1142
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/main.55e552f9.js
146.190.217.48 200 OK 54 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/main.55e552f9.js
IP 146.190.217.48:0
File type Unicode text, UTF-8 text, with very long lines (54284), with no line terminators
Hash c705fdcc9a56806c2ec8752d806173df
49f9713291403377abc7004f70508e95e5bfc9c4
ecf5185587dc584318775956d242115534ec7d928758081c0f9a1e3f97992508
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/main.55e552f9.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:45 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 54294
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11309
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 20:17:46 GMT
Connection: keep-alive
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/analytics.js
146.190.217.48 200 OK 50 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/analytics.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1325)
Hash d40531c5e99a6f84e42535859476fe35
a901817d77b2fe5259c298c91bc65c54d7f8a1a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/analytics.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 50205
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a6c254f84a98ab252806efa11d4d8ac1
126ec6e614523aca8e1d5ecbe8ce6171669363b6
99e37674d342fceea9ad9b46c2a9ed4c51cfe323a0d359ce64d878bf3eff6560
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3895
Cache-Control: max-age=124573
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:46 GMT
Etag: "6358ca50-1d7"
Expires: Fri, 28 Oct 2022 06:53:59 GMT
Last-Modified: Wed, 26 Oct 2022 05:49:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11309
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 20:17:46 GMT
Connection: keep-alive
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/uwt.js
146.190.217.48 200 OK 57 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/uwt.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash d4de8398858246712016031c834bb061
49709126e0fcb914a62f3255ae3ffe45a3fbe0ae
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/uwt.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 57443
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1cc61ad4b1d66ab4bce27288ee690e12
324e13ad5c99f628d713e55a2994ad4042ece70e
62cd88bc19bc1f0be2a37c3e990897158acd3d55aa3ddd299144d4f9596ba34e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6831
x-amzn-requestid: cc6f38ff-ab33-4b18-8cae-aa6bc061962f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alKjPH7ToAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635857ae-3db2790d0e6c5fab6c4bc81f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tiWbOUwlRzaT2EnCWIgoFaT_ho55s3tgRxalb7yBbI21Pv0BhfLJOg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:52:53 GMT
age: 80693
etag: "324e13ad5c99f628d713e55a2994ad4042ece70e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/533374513433337.js
146.190.217.48 200 OK 300 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/533374513433337.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (64471)
Size 300 kB (299569 bytes)
Hash 0a2cbee261f2e425bff7fc07d7f9ca3d
9221089d50eaffb6e91a0ea72f959b8179f3ebde
610928101a7f43c8867aa36e558ab9e8ed2b7317146ef07e8a71d94138eab021
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/533374513433337.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 299569
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/js
146.190.217.48 200 OK 212 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/js
IP 146.190.217.48:0
File type ASCII text, with very long lines (18593)
Size 212 kB (212366 bytes)
Hash 198e11ba8d5140ffd7a18000230b3094
ae3d41b988d6fb4f3709bd8a9b62543acf7e167d
dbc124cfe687c3d589a94bc29f64ca1b60e3254e91d14b0ddaf09fa6f3c46d6e
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 212366
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/jquery-3.4.1.min.js
146.190.217.48 200 OK 88 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/jquery-3.4.1.min.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (65451)
Hash 220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/jquery-3.4.1.min.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 88145
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
tr.snapchat.com/log/error
35.190.43.134 200 OK 0 B URL HTTP/2 tr.snapchat.com/log/error
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log/error HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------171686980410848607182104109599
Content-Length: 1135
Origin: https://usps-postage-mail-forwarding-html.fartit.com
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 20:17:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
access-control-allow-origin: https://usps-postage-mail-forwarding-html.fartit.com
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fUBXr7SKYdvhryoB8p9to-Eo8twjspRYnHO2xf9TtvLJIIyOwe3W1w==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 05:07:50 GMT
age: 54596
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OV7g4Y4fcQGijljebzHQtnpKdcPKw6LTxqORxxBJL2lFPYQLLoyNuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:34:40 GMT
age: 70986
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db946866312c734e0c5f91ca76255b2f
e8b8236baab9106a426a415eb01494cc4cc91ad1
a695e7bc87da2c6d9f5669c09e662fe22982e69cb139466efa5093429fe19866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8439
x-amzn-requestid: e0eed725-0725-4f5a-9c91-fec13ad0ebe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ajKYQGWhIAMFdhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63578a9b-2a0115120e75f5271cea992f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 07:04:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WVz4PqWqT9Pk1juQ95Xzi-7HcEDBqKb5VAncjXxOYFfKTnjRbmodoA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 04:44:59 GMT
age: 55967
etag: "e8b8236baab9106a426a415eb01494cc4cc91ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5da11cdb-c8be-46f4-95b0-792c49d930a7.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5da11cdb-c8be-46f4-95b0-792c49d930a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5987bcd44ab0db5313aa4f409a8a212f
691a36cde98a9fe1660745dd811e0be2ae67036c
e47ce3587c647b52669f675dc7e84e21555f82138091fb04febc951b4c06ba30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5da11cdb-c8be-46f4-95b0-792c49d930a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 69931a9c-027e-428e-a88d-61c5fac64daa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2iEnzoAMFZAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585690-12c78c5157fb3fa41a13548c;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: E4t7XezEVl1x_4sbidtDPjCuZoCh7N01y7ZeYZWlAL1w8ut4Qx95TA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:46:50 GMT
age: 81056
etag: "691a36cde98a9fe1660745dd811e0be2ae67036c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3ae78510434fd68063fc144bf614382
3bb87ca5274ce9f6d81da60ab940d23ccd12843b
f42d89328435cb37cba1111903a6bd5e900857d0942e1506ea2115b4e6301541
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7929
x-amzn-requestid: 6324abd6-8e27-4903-8bfc-a0fc6a8625be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK9LEeoIAMF5mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585854-2900343b1ae208a903fe58fd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:44 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5MR4UzoW6rVsSpEyPAWrcFb2LCRICaG-toy3JflaXRrzZwcgMs48VQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:49:35 GMT
age: 80891
etag: "3bb87ca5274ce9f6d81da60ab940d23ccd12843b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a6c254f84a98ab252806efa11d4d8ac1
126ec6e614523aca8e1d5ecbe8ce6171669363b6
99e37674d342fceea9ad9b46c2a9ed4c51cfe323a0d359ce64d878bf3eff6560
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 81
Cache-Control: max-age=120759
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:46 GMT
Etag: "6358ca50-1d7"
Expires: Fri, 28 Oct 2022 05:50:26 GMT
Last-Modified: Wed, 26 Oct 2022 05:49:04 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/gtm_002.js
146.190.217.48 200 OK 472 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/gtm_002.js
IP 146.190.217.48:0
Hash e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/gtm_002.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 289757
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/login.js
146.190.217.48 200 OK 19 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/login.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (535)
Hash 60341cd3683c3c2bce33b9da62b8bb8f
6474c9bcc1a5ecf9cbbec3656a0f78ce9f2f5aa2
26ea841346681f2f201cd4df3ae7ff7ff9689fe5fe3e0e788cf76a125b72b8f2
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/login.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 19314
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/jquery.blockUI.js
146.190.217.48 200 OK 10 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/jquery.blockUI.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (1108)
Hash 50dc82a6bccb47056ff0e7ba58444757
70c38af19b6102b82ea3ed8ed2a944cc5b9cc4ef
9042406f497a91162205ae6bba16ca4b34af374324dae0396ca70150015bebd1
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/jquery.blockUI.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 10504
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/bootstrap.min.js
146.190.217.48 200 OK 37 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/bootstrap.min.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (32004)
Hash 3ce14f06108f17762e1ca97f4e1562c0
379364d99c41f21065bbce52e6155647dd68bf90
b74f3607fed740eb63f0e6a651c4830b1ce196abdcd8b1f65e2cf94a79439fff
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/bootstrap.min.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 37055
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/sed-usps-70fc8edc.js
146.190.217.48 200 OK 440 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/sed-usps-70fc8edc.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (65377)
Size 440 kB (439984 bytes)
Hash 792c586a531d21d8d0565ef7cc144fcc
3abd016b653221a9542d928edc4e7e367cf4593e
8ead63f0da0ecd7d0361b001e86ee1c27c3bcdf4e96c91b6b2d820d82ca60c64
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/sed-usps-70fc8edc.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 439984
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/global.js
146.190.217.48 200 OK 19 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/global.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (2224)
Hash 6eff9885269f11044ece8d7b43b9c3fb
bf6fc4982b95acc976ffb26b288b04cb83b394fc
d0e2a97d2d6293ea10c291f1f1e3b3f3f2301bc0e1ea8f2f30e9d29a667df9b5
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/global.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 18696
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/gtm.js
146.190.217.48 200 OK 595 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/gtm.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (65324)
Size 595 kB (595232 bytes)
Hash ef02b258cb77519b8cf828636c582def
4c55898c2c48cee49bd6f13b31b320273dea1d0e
dca37231c4e9dace9bbce9aa5c2d33a4d59ef6557685a817f56f8dd9d563eb50
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/gtm.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 595232
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/ie10-viewport-bug-workaround.js
146.190.217.48 200 OK 459 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/ie10-viewport-bug-workaround.js
IP 146.190.217.48:0
Hash 8421afc5cbaa78de3e030108193ec566
9bcfb9e76a9c0d2c0abf7a414108d53447eba261
238b4df98a2c023801e777788f40350c1f4ad6599af5eac43d09eff720c79c48
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/ie10-viewport-bug-workaround.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 459
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/Universal-Federated-Analytics-Min.js
146.190.217.48 200 OK 19 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/Universal-Federated-Analytics-Min.js
IP 146.190.217.48:0
File type C source, ASCII text, with very long lines (548)
Hash 9e1b714f83b726462a83db0033bac6db
d730ff339fc2379a66e33f981d5c86eea12d932b
456e60679a0853b3c885219ac1b8ffa4becb397615e2af7c5b3d8051241f569f
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/Universal-Federated-Analytics-Min.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 18764
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/embed.js
146.190.217.48 200 OK 1.6 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/embed.js
IP 146.190.217.48:0
File type ASCII text, with very long lines (444)
Hash 71c3f4a1ab4918e732829f77026e76db
ac96d5a9a18b01c070665e8892df8001c3b9c0ae
85b0f3cd06a802ecc9327dd4b40155a92ebc4447459660910e579482cf9b1e87
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/embed.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 1568
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-html.fartit.com/__imp_apg__/js/sed-usps-70fc8edc.js
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/__imp_apg__/js/sed-usps-70fc8edc.js
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /__imp_apg__/js/sed-usps-70fc8edc.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/generic1658346138978.js
146.190.217.48 200 OK 408 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/generic1658346138978.js
IP 146.190.217.48:0
File type Unicode text, UTF-8 text, with very long lines (50708)
Size 408 kB (408458 bytes)
Hash 4384210c1d0e40bc75d1627a0ee01eeb
000d0cf08cb888a1a9c93b4cbe5735fdf6917e98
98451f63814b2ed01f0411fba8d064dbfcd83d94d8dfd7c788a7e43118d22436
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/generic1658346138978.js HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 408458
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/ajax-loader-t.gif
146.190.217.48 200 OK 3.2 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/ajax-loader-t.gif
IP 146.190.217.48:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash b9f5558507d20d1501a945f9bc0f4ce4
672975a0c049de369b02bd1b5ce0820fd5d9832d
d2a3b54eecee14be7278f861de0d7d95509321f0a28fd18052334cbbd369201a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/ajax-loader-t.gif HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 3208
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/des_brd_2color_logo_274x79.png
146.190.217.48 200 OK 7.2 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/des_brd_2color_logo_274x79.png
IP 146.190.217.48:0
File type PNG image data, 274 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 7540a3abf4dc11dcbd1d381523956ad4
c634a237fb86e9eb6efe396bc5dd1548956c338f
194aeec3c0a28672905ad28fc88a464c2db67ab4277b1d29c3e5275013f2c638
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/des_brd_2color_logo_274x79.png HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 7177
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/logo-mini-sb.png
146.190.217.48 200 OK 24 kB URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/logo-mini-sb.png
IP 146.190.217.48:0
File type PNG image data, 135 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 43707dd65a8c8ec7754b7b45fd483488
f258a5de57dfa37baf13296da6055e8f8881d742
585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/logo-mini-sb.png HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 23625
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/0
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/0
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/0 HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/adsct_002.gif
146.190.217.48 200 OK 43 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/adsct_002.gif
IP 146.190.217.48:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/adsct_002.gif HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/gif
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/adsct.gif
146.190.217.48 200 OK 43 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/adsct.gif
IP 146.190.217.48:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/adsct.gif HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1383369674&t=pageview&_s=1&dl=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAQABEAAAAC~&jid=368568450&gjid=934604900&cid=127167284.1666815467&tid=UA-33523145-1&_gid=2001802361.1666815467&_r=1&cd1=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com&cd2=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com%20-%20usps-postage-mail-forwarding-html.fartit.com&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com&cd5=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com&cd6=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&z=226674096
142.250.74.174 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1383369674&t=pageview&_s=1&dl=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAQABEAAAAC~&jid=368568450&gjid=934604900&cid=127167284.1666815467&tid=UA-33523145-1&_gid=2001802361.1666815467&_r=1&cd1=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com&cd2=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com%20-%20usps-postage-mail-forwarding-html.fartit.com&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com&cd5=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com&cd6=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&z=226674096
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&aip=1&a=1383369674&t=pageview&_s=1&dl=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&dp=%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&ul=en-us&de=UTF-8&dt=USPS.com%C2%AE%20-%20Account%20Verification&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAQABEAAAAC~&jid=368568450&gjid=934604900&cid=127167284.1666815467&tid=UA-33523145-1&_gid=2001802361.1666815467&_r=1&cd1=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com&cd2=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com%20-%20usps-postage-mail-forwarding-html.fartit.com&cd3=20181010%20v4.1%20-%20Universal%20Analytics&cd4=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com&cd5=unspecified%3Ausps-postage-mail-forwarding-html.fartit.com&cd6=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FKNYGHT%2F1%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&z=226674096 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://usps-postage-mail-forwarding-html.fartit.com
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://usps-postage-mail-forwarding-html.fartit.com
date: Wed, 26 Oct 2022 20:17:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0; _ga=GA1.3.127167284.1666815467; _gid=GA1.3.2001802361.1666815467; _gat_GSA_ENOR0=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
sc-static.net/scevent.min.js
54.230.82.240 200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (27652), with no line terminators
Hash fe4c2a5ac40e279aece6f81ccfba7a5d
d9b68e9c00dda16962d8fddb76f35a428419c6dd
a19e818ae831fb39b7e3b86d29baf0429d56766596582d8b03e180cc6250e4c0
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11954
server: CloudFront
date: Wed, 26 Oct 2022 20:17:47 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Thu, 27 Oct 2022 19:19:43 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y4EROIGCM8LbaoDO2Xgif8BMz8ZB-aEc1v1zUZPlj1xeBSsWh9r6PQ==
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.85.140 200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 95212d33cfff78ad59f5af5b20c48c53
9b99a4091a6eb716bc68f1428e3c86eca068b25b
bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 26 Oct 2022 20:17:47 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=127167284.1666815467&jid=397461365&gjid=974535505&_gid=2001802361.1666815467&_u=aGDAiUABFAAAAG~&z=1562458796
173.194.222.156 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=127167284.1666815467&jid=397461365&gjid=974535505&_gid=2001802361.1666815467&_u=aGDAiUABFAAAAG~&z=1562458796
IP 173.194.222.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80133954-3&cid=127167284.1666815467&jid=397461365&gjid=974535505&_gid=2001802361.1666815467&_u=aGDAiUABFAAAAG~&z=1562458796 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://usps-postage-mail-forwarding-html.fartit.com
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://usps-postage-mail-forwarding-html.fartit.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 20:17:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0; _ga=GA1.3.127167284.1666815467; _gid=GA1.3.2001802361.1666815467; _gat_GSA_ENOR0=1; _gcl_au=1.1.1085998890.1666815467; _ga=GA1.1.127167284.1666815467; _gid=GA1.2.2001802361.1666815467; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1666815467.1.0.1666815467.0.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:47 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/usps-fonts.css
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0; _ga=GA1.3.127167284.1666815467; _gid=GA1.3.2001802361.1666815467; _gat_GSA_ENOR0=1; _gcl_au=1.1.1085998890.1666815467; _ga=GA1.1.127167284.1666815467; _gid=GA1.2.2001802361.1666815467; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1666815467.1.0.1666815467.0.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:47 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/0
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/0
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/0 HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0; _ga=GA1.3.127167284.1666815467; _gid=GA1.3.2001802361.1666815467; _gat_GSA_ENOR0=1; _gcl_au=1.1.1085998890.1666815467; _ga=GA1.1.127167284.1666815467; _gid=GA1.2.2001802361.1666815467; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1666815467.1.0.1666815467.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:47 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/pixel.htm
146.190.217.48 200 OK 108 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/pixel.htm
IP 146.190.217.48:0
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 67c58a38087e1a243fd14984f663b520
d39158107e8711b6d9fbe13be4a3a3156f571e08
ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/pixel.htm HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0; _ga=GA1.3.127167284.1666815467; _gid=GA1.3.2001802361.1666815467; _gat_GSA_ENOR0=1; _gcl_au=1.1.1085998890.1666815467; _ga=GA1.1.127167284.1666815467; _gid=GA1.2.2001802361.1666815467; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1666815467.1.0.1666815467.0.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 108
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html
resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
104.110.27.57 200 OK 528 B URL HTTP/2 resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
IP 104.110.27.57:0
File type ASCII text, with very long lines (587)
Hash 1f5b6140f94844fff6133ef3693807ed
18c8767fca06b62e0bdd36dc0ef1a79c9dbe184e
e77717350bf9c42df8bb7c067d33a86310c17691898c1cf7def4e9b01fdc8cb1
GET /wdcgov/2/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-gov.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Tue Sep 06 2022 17:55:25 GMT+0000 (Coordinated Universal Time)
etag: "125dd36304d04069544702f1a8e8e277"
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-encoding: gzip
content-length: 528
cache-control: private, max-age=0
date: Wed, 26 Oct 2022 20:17:47 GMT
vary: Accept-Encoding
set-cookie: SERVERID=10.241.23.93; path=/
access-control-max-age: 86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
142.250.74.168 200 OK 68 B URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MVCC8H
IP 142.250.74.168:0
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /gtm.js?id=GTM-MVCC8H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 26 Oct 2022 20:17:46 GMT
expires: Wed, 26 Oct 2022 20:17:46 GMT
cache-control: private, max-age=900
last-modified: Wed, 26 Oct 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 131028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 532447dec587c05348eb252e8c26fa54
bf880412b3bf0c7f88c29a0f0292e5fce7535cf0
d6de9fbfc4a9ea9e3c6990c7d01d7d01c47ee56fc0a60fc7d6a2e206b592bdd7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9ab0372fbd4e9d389119ccc12be968eb
0e48ffd21d7abf1cf59a471feba8da1f26b934fc
090ac22163a5cc5471bd4220bc6ebe686b115c15378c5eb9066f0767066af57d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3339
Cache-Control: max-age=116108
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:47 GMT
Etag: "6358ab6c-1d7"
Expires: Fri, 28 Oct 2022 04:32:55 GMT
Last-Modified: Wed, 26 Oct 2022 03:37:16 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
104.110.27.57 200 OK 528 B URL HTTP/2 resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/embed.js
IP 104.110.27.57:0
File type ASCII text, with very long lines (587)
Hash 1f5b6140f94844fff6133ef3693807ed
18c8767fca06b62e0bdd36dc0ef1a79c9dbe184e
e77717350bf9c42df8bb7c067d33a86310c17691898c1cf7def4e9b01fdc8cb1
GET /wdcgov/2/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-gov.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue Sep 06 2022 17:55:25 GMT+0000 (Coordinated Universal Time)
If-None-Match: "125dd36304d04069544702f1a8e8e277"
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Tue Sep 06 2022 17:55:25 GMT+0000 (Coordinated Universal Time)
etag: "125dd36304d04069544702f1a8e8e277"
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-encoding: gzip
content-length: 528
cache-control: private, max-age=0
date: Wed, 26 Oct 2022 20:17:47 GMT
vary: Accept-Encoding
set-cookie: SERVERID=10.241.23.93; path=/
access-control-max-age: 86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 77b5da0f60755df91da1b98333c6d33c
0c36c5f1063e2ef41d02e26ddf9ed1e0a490e6b4
085b499d52d53965301db8affc692e09876290e5d67bf09c83178cc54384999f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.co.in/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163 200 OK 143 B URL HTTP/2 www.google.co.in/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type gzip compressed data, from Unix\012- data
Hash dc04384e39cf116cb4cedc24223f83c9
08bcaed4567fd2a160b15b3dfbffa79a5cd9cd77
672f2981170bacc9cc0c464faab65af75154c9a265cca5b9c952234a1573cc78
GET /pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 20:17:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164 200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 34b6d5b94de5aa9a11745592f84aad0d
85c2890e443bcb8bc4443bf2d57fc0462b797617
39b175887782c7b0586123cc938fb5651c5edb230ae1d45be41de351ac42bff1
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 26 Oct 2022 20:17:47 GMT
expires: Wed, 26 Oct 2022 20:17:47 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16072662367159696676
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15168
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
23.38.200.197 200 OK 1.1 kB IP 23.38.200.197:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash ed9b1cee44d88b21d18c9f6bcfc36179
0689b3e12635d0b5dbfe90a7675d44b01fc8f283
e4c1fbe0b150625065a56db762796c4ddf63c09f4d07d9f942db1cb9c8558fbf
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "ed9b1cee44d88b21d18c9f6bcfc36179"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157 200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Wed, 26 Oct 2022 20:17:47 GMT
x-served-by: cache-iad-kcgs7200165-IAD, cache-bma1681-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 84409c129527969831699eb02cd244b9
e1bd7e37698890246e939b31510f3ab3aac605c6
54a130a13a831b71441be9bfbd1b74d8a7433a8e4bb4ab3f5ed9edde6bcd3964
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: xdJ6BdZ3eoZXvVjglfZkvF6rCbxHvzkqU7kqF567z+7I09jlqIx0WvmV8GbkaLus/752Dinyd5st5tBVQcMWRA==
priority: u=3,i
content-length: 27076
x-fb-trip-id: 1904183273
date: Wed, 26 Oct 2022 20:17:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200 200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=35948B8960E16244062699C061B66319; domain=.bing.com; expires=Mon, 20-Nov-2023 20:17:47 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB02F16411C54052B7953C8D46E62D0C Ref B: OSL30EDGE0412 Ref C: 2022-10-26T20:17:47Z
date: Wed, 26 Oct 2022 20:17:47 GMT
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.55e552f9.js
23.38.200.197 200 OK 19 kB URL HTTP/2 s.pinimg.com/ct/lib/main.55e552f9.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (54284), with no line terminators
Hash 84c1602180f73853dc1e35f7296bdf7d
40aea44ea928e8d539381759b791f5c70f6d4c82
6b2faea09b5d5015a36ab4300e1034e1907895b40249e5fd11b42a66fbd21dac
GET /ct/lib/main.55e552f9.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "84c1602180f73853dc1e35f7296bdf7d"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 18601
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 77b5da0f60755df91da1b98333c6d33c
0c36c5f1063e2ef41d02e26ddf9ed1e0a490e6b4
085b499d52d53965301db8affc692e09876290e5d67bf09c83178cc54384999f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.clarity.ms/tag/uet/21006064
13.107.246.53 200 OK 1.7 kB URL HTTP/2 www.clarity.ms/tag/uet/21006064
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1687), with no line terminators
Hash 91bd43893991e097eb7db3c33190a432
610fc3ef664cedf1875bb0a44ef9f5d51c45219a
9468bb14d343e397434b6d9757b382262c6532f873773b47b195eb54ec5f272f
GET /tag/uet/21006064 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1687
content-type: application/x-javascript
expires: -1
set-cookie: CLID=1183be2c62ac482099aed513b6d082b2.20221026.20231026; expires=Thu, 26 Oct 2023 20:17:47 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-cache: CONFIG_NOCACHE
x-azure-ref: 065VZYwAAAAAuhy6PlGyZTKJLdy5WNXRXU1ZHMjBFREdFMDYxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 26 Oct 2022 20:17:47 GMT
X-Firefox-Spdy: h2
www.clarity.ms/eus2-e/s/0.6.40/clarity.js
13.107.246.53 404 Not Found 0 B URL HTTP/2 www.clarity.ms/eus2-e/s/0.6.40/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eus2-e/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
x-cache: CONFIG_NOCACHE
x-azure-ref: 065VZYwAAAACQWyNocvvLS6MJqiXyaStIU1ZHMjBFREdFMDYxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 26 Oct 2022 20:17:47 GMT
content-length: 0
X-Firefox-Spdy: h2
alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1666815466939
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1666815466939
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1666815466939 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
content-type: image/gif
accept-ranges: bytes
date: Wed, 26 Oct 2022 20:17:47 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9ab0372fbd4e9d389119ccc12be968eb
0e48ffd21d7abf1cf59a471feba8da1f26b934fc
090ac22163a5cc5471bd4220bc6ebe686b115c15378c5eb9066f0767066af57d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 931
Cache-Control: max-age=113700
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:47 GMT
Etag: "6358ab6c-1d7"
Expires: Fri, 28 Oct 2022 03:52:47 GMT
Last-Modified: Wed, 26 Oct 2022 03:37:16 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1662453783436&cv=9&fst=1662451200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=2&u_tz=330&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freg.usps.com%2Flogin&tiba=USPS.com%C2%AE%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3346932794&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 20:17:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 532447dec587c05348eb252e8c26fa54
bf880412b3bf0c7f88c29a0f0292e5fce7535cf0
d6de9fbfc4a9ea9e3c6990c7d01d7d01c47ee56fc0a60fc7d6a2e206b592bdd7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alb.reddit.com/rp.gif?ts=1666815467223&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=cfbe293e-f0c6-4a70-bc49-fca642663726&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1666815467223&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=cfbe293e-f0c6-4a70-bc49-fca642663726&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1666815467223&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=cfbe293e-f0c6-4a70-bc49-fca642663726&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Wed, 26 Oct 2022 20:17:47 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1666815467103
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1666815467103
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /snoo.gif?q=CAAHAAABAAoACQAAAA8sjYvfAA==&s=758ZB25Erv8S36eTAg3XLKvz7xb4K5BBW3pi8UyQQy8=&ts=1666815467103 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
content-type: image/gif
accept-ranges: bytes
date: Wed, 26 Oct 2022 20:17:47 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1666815467224&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=cfbe293e-f0c6-4a70-bc49-fca642663726&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1666815467224&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=cfbe293e-f0c6-4a70-bc49-fca642663726&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1666815467224&id=t2_txtps67&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=cfbe293e-f0c6-4a70-bc49-fca642663726&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Wed, 26 Oct 2022 20:17:47 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1666815467834
23.38.200.197 200 OK 382 B URL HTTP/2 ct.pinterest.com/user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1666815467834
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (539), with no line terminators
Hash 4133ff14bfae835ba7a2976dd28e0b9b
16163c58f272d772629605e987cdcc02fc1d78a2
c887dfff8fa67dd6fa30fae875db0c94ff1ad8ae8fc48a81ef2e1d262dfb44a4
GET /user/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1666815467834 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usps-postage-mail-forwarding-html.fartit.com
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU1qQmhNems0WldFdE1qUXpaaTAwTnpBd0xUaGxZVEF0TWpneVpUbGtOamc0WVRJNA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://usps-postage-mail-forwarding-html.fartit.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 382
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1995027642713458
date: Wed, 26 Oct 2022 20:17:48 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1666815467.bf8d4ec0
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
k.clarity.ms/collect
20.96.88.162 204 No Content 0 B IP 20.96.88.162:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: k.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2597
Origin: https://usps-postage-mail-forwarding-html.fartit.com
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin: https://usps-postage-mail-forwarding-html.fartit.com
access-control-allow-credentials: true
date: Wed, 26 Oct 2022 20:17:46 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=21006064&Ver=2&mid=444d143e-b62d-493d-a7f2-98c1178d5a26&sid=422a1390556b11ed86cdc14275ce3f15&vid=422a2a70556b11ed8b9b6df2fd842b35&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=3332&evt=pageLoad&sv=1&rn=618288
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=21006064&Ver=2&mid=444d143e-b62d-493d-a7f2-98c1178d5a26&sid=422a1390556b11ed86cdc14275ce3f15&vid=422a2a70556b11ed8b9b6df2fd842b35&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=3332&evt=pageLoad&sv=1&rn=618288
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=21006064&Ver=2&mid=444d143e-b62d-493d-a7f2-98c1178d5a26&sid=422a1390556b11ed86cdc14275ce3f15&vid=422a2a70556b11ed8b9b6df2fd842b35&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=USPS.com%C2%AE%20-%20Account%20Verification&p=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&r=&lt=3332&evt=pageLoad&sv=1&rn=618288 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3EECF5A5D0366BFF16C3E7ECD1616AC0; domain=.bing.com; expires=Mon, 20-Nov-2023 20:17:48 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5922464D30843CBB43284B858A171D0 Ref B: OSL30EDGE0412 Ref C: 2022-10-26T20:17:48Z
date: Wed, 26 Oct 2022 20:17:47 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/21006064.js
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/21006064.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/21006064.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
set-cookie: MUID=065DDF1A1FCE6E922C2CCD531E996F0A; domain=.bing.com; expires=Mon, 20-Nov-2023 20:17:48 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4160E0CB493F4F3EA2EAAD66C29F1D7A Ref B: OSL30EDGE0412 Ref C: 2022-10-26T20:17:48Z
date: Wed, 26 Oct 2022 20:17:47 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1666815467811&cv=9&fst=1666815467811&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1085998890.1666815467&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.130 200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1666815467811&cv=9&fst=1666815467811&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1085998890.1666815467&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2630), with no line terminators
Hash 2197fcc28ef79b46067e10daf3c7b08b
09ce7cc29e1ba20480eeec38d72e7ed0ac9223d2
d382d2a533b0241cff18ab6587d49895e6782a0db6fdbb59ff4082176e51383f
GET /pagead/viewthroughconversion/978081151/?random=1666815467811&cv=9&fst=1666815467811&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1085998890.1666815467&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 20:17:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1197
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 26-Oct-2022 20:32:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1666815467809&cv=9&fst=1666815467809&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1085998890.1666815467&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.130 200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/978081151/?random=1666815467809&cv=9&fst=1666815467809&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1085998890.1666815467&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2630), with no line terminators
Hash 8a820898cd29d4d7448046da37aecccb
1ec27bea8c50cfc158acd71d6cf6e44c49127346
2912d6da6a77493fd3e896565daae2e0145e1edb7ca5d23320d0f9a151e409cf
GET /pagead/viewthroughconversion/978081151/?random=1666815467809&cv=9&fst=1666815467809&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&auid=1085998890.1666815467&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 20:17:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 26-Oct-2022 20:32:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
reg.usps.com/entreg/favicon.ico
192.229.221.165 200 OK 1.2 kB URL HTTP/2 reg.usps.com/entreg/favicon.ico
IP 192.229.221.165:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 178819cc32a7774822e3550c57cd20aa
c8050ec440e8cc1367a6115934edc0bf94a0d343
8565aaa87282f585b8a021ee0e693f662eb179df62890d01e086cc9f23dec1d2
GET /entreg/favicon.ico HTTP/1.1
Host: reg.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
age: 64907
cache-control: no-cache
content-type: image/x-icon
date: Wed, 26 Oct 2022 20:17:48 GMT
etag: "47e-5ea5d077c5480"
expires: Wed, 26 Oct 2022 20:17:47 GMT
last-modified: Thu, 06 Oct 2022 12:42:42 GMT
server: ECAcc (dcb/7F0E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, DENY
x-ruleset-version: 2.5
content-length: 1150
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%226a93501c%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1666815467842
23.38.200.197 200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%226a93501c%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1666815467842
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%226a93501c%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1666815467842 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 3101114298345885
date: Wed, 26 Oct 2022 20:17:48 GMT
akamai-grn: 0.274f2417.1666815468.bf8d5645
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.6a93501c.js
23.38.200.197 200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.6a93501c.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (59804), with no line terminators
Hash 5853c9e8d11a7d02cdd1f89c216506e2
aa4690cd6c9e132eda10004e688d461eb9e410b4
59547baca2bb0b980e8e9618725b3e643a92318af01f5970ecdbbb97f67734fe
GET /ct/lib/main.6a93501c.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "5853c9e8d11a7d02cdd1f89c216506e2"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20718
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/978081151/?random=1666815467809&cv=9&fst=1666814400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=3954826994&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/978081151/?random=1666815467809&cv=9&fst=1666814400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=3954826994&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1666815467809&cv=9&fst=1666814400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=3954826994&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 20:17:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 20:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/978081151/?random=1666815467811&cv=9&fst=1666814400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=1372159558&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/978081151/?random=1666815467811&cv=9&fst=1666814400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=1372159558&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/978081151/?random=1666815467811&cv=9&fst=1666814400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&tiba=USPS.com%C2%AE%20-%20Account%20Verification&async=1&fmt=3&is_vtc=1&random=1372159558&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 20:17:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=533374513433337&ev=PageView&dl=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1666815468326&sw=1280&sh=1024&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666815468325.761200410&it=1666815467849&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=533374513433337&ev=PageView&dl=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1666815468326&sw=1280&sh=1024&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666815468325.761200410&it=1666815467849&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=533374513433337&ev=PageView&dl=https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F&rl=&if=false&ts=1666815468326&sw=1280&sh=1024&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666815468325.761200410&it=1666815467849&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 26 Oct 2022 20:17:48 GMT
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%226a93501c%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1666815467843
23.38.200.197 200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%226a93501c%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1666815467843
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2621041933204&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fusps-postage-mail-forwarding-html.fartit.com%2FUSPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK%2F1%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%226a93501c%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1666815467843 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1088988430755532
date: Wed, 26 Oct 2022 20:17:48 GMT
akamai-grn: 0.274f2417.1666815468.bf8d564e
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
bat.bing.com/actionp/0?ti=21006064&Ver=2&mid=444d143e-b62d-493d-a7f2-98c1178d5a26&sid=422a1390556b11ed86cdc14275ce3f15&vid=422a2a70556b11ed8b9b6df2fd842b35&vids=1&msclkid=N&evt=dedup
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/actionp/0?ti=21006064&Ver=2&mid=444d143e-b62d-493d-a7f2-98c1178d5a26&sid=422a1390556b11ed86cdc14275ce3f15&vid=422a2a70556b11ed8b9b6df2fd842b35&vids=1&msclkid=N&evt=dedup
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /actionp/0?ti=21006064&Ver=2&mid=444d143e-b62d-493d-a7f2-98c1178d5a26&sid=422a1390556b11ed86cdc14275ce3f15&vid=422a2a70556b11ed8b9b6df2fd842b35&vids=1&msclkid=N&evt=dedup HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usps-postage-mail-forwarding-html.fartit.com
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=18C0F885019D69CB0909EACC00CA687E; domain=.bing.com; expires=Mon, 20-Nov-2023 20:17:48 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F615E053F3FE489F8FCFFAB369091A11 Ref B: OSL30EDGE0412 Ref C: 2022-10-26T20:17:48Z
date: Wed, 26 Oct 2022 20:17:48 GMT
X-Firefox-Spdy: h2
resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/generic1658346138978.js
104.110.27.57 200 OK 87 kB URL HTTP/2 resources.digital-cloud-gov.medallia.com/wdcgov/2/onsite/generic1658346138978.js
IP 104.110.27.57:0
File type Unicode text, UTF-8 text, with very long lines (50708)
Hash 5671cdf0c90d90f7936d3615610dfaba
3b4d7e74f6ba4c6c304664bedad1729ece795109
7dc4653ec044dfbe3da08924240a0eaf9c53a3976b64c85b25d813cb8f3d71bd
GET /wdcgov/2/onsite/generic1658346138978.js HTTP/1.1
Host: resources.digital-cloud-gov.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Wed Jul 20 2022 19:42:20 GMT+0000 (Coordinated Universal Time)
etag: "4384210c1d0e40bc75d1627a0ee01eeb"
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-encoding: gzip
content-length: 87173
cache-control: private, max-age=2586314
date: Wed, 26 Oct 2022 20:17:48 GMT
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-origin: *
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
23.38.200.197 200 OK 323 B IP 23.38.200.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1584129049265699
date: Wed, 26 Oct 2022 20:17:48 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1666815468.bf8d6675
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27 302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=84C46B80B2834990BCE3158B59F37047&RedC=c.clarity.ms&MXFR=3531D664D7576B8F3DDFC42DD35765A4
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=3531D664D7576B8F3DDFC42DD35765A4; domain=.clarity.ms; expires=Mon, 20-Nov-2023 20:17:48 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 26 Oct 2022 20:17:47 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=84C46B80B2834990BCE3158B59F37047&RedC=c.clarity.ms&MXFR=3531D664D7576B8F3DDFC42DD35765A4
13.107.21.200 302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=84C46B80B2834990BCE3158B59F37047&RedC=c.clarity.ms&MXFR=3531D664D7576B8F3DDFC42DD35765A4
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=84C46B80B2834990BCE3158B59F37047&RedC=c.clarity.ms&MXFR=3531D664D7576B8F3DDFC42DD35765A4 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=84C46B80B2834990BCE3158B59F37047&MUID=207DEC0935F765792086FE4034A06432
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=207DEC0935F765792086FE4034A06432; domain=c.bing.com; expires=Mon, 20-Nov-2023 20:17:48 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 635446C364E443DAAE641195D56D4E72 Ref B: OSL30EDGE0412 Ref C: 2022-10-26T20:17:48Z
date: Wed, 26 Oct 2022 20:17:48 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=84C46B80B2834990BCE3158B59F37047&MUID=207DEC0935F765792086FE4034A06432
20.234.93.27 200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=84C46B80B2834990BCE3158B59F37047&MUID=207DEC0935F765792086FE4034A06432
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=84C46B80B2834990BCE3158B59F37047&MUID=207DEC0935F765792086FE4034A06432 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 26-Oct-2022 20:27:48 GMT; path=/; SameSite=None; Secure;
date: Wed, 26 Oct 2022 20:17:47 GMT
content-length: 42
X-Firefox-Spdy: h2
k.clarity.ms/collect
20.96.88.162 204 No Content 0 B IP 20.96.88.162:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: k.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 915
Origin: https://usps-postage-mail-forwarding-html.fartit.com
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin: https://usps-postage-mail-forwarding-html.fartit.com
access-control-allow-credentials: true
date: Wed, 26 Oct 2022 20:17:47 GMT
X-Firefox-Spdy: h2
usps-postage-mail-forwarding-html.fartit.com/__imp_apg__/api/dip/v1/dip
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/__imp_apg__/api/dip/v1/dip
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /__imp_apg__/api/dip/v1/dip HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 2202
Origin: https://usps-postage-mail-forwarding-html.fartit.com
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0; _ga=GA1.3.127167284.1666815467; _gid=GA1.3.2001802361.1666815467; _gat_GSA_ENOR0=1; _gcl_au=1.1.1085998890.1666815467; _ga=GA1.1.127167284.1666815467; _gid=GA1.2.2001802361.1666815467; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1666815467.1.0.1666815467.0.0.0; _rdt_uuid=1666815467223.cfbe293e-f0c6-4a70-bc49-fca642663726; mdLogger=false; kampyleUserSession=1666815468593; kampyleSessionPageCounter=1; kampyleUserSessionsCount=2; _uetsid=422a1390556b11ed86cdc14275ce3f15; _uetvid=422a2a70556b11ed8b9b6df2fd842b35; _fbp=fb.1.1666815468325.761200410; _pin_unauth=dWlkPU1qQmhNems0WldFdE1qUXpaaTAwTnpBd0xUaGxZVEF0TWpneVpUbGtOamc0WVRJNA; _clsk=dad5x9|1666815468483|1|0|k.clarity.ms/collect
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:49 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-html.fartit.com/__imp_apg__/api/imp/v1.0/report/?m&fq=load
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/__imp_apg__/api/imp/v1.0/report/?m&fq=load
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /__imp_apg__/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
content-type: text/plain;charset=UTF-8
Origin: https://usps-postage-mail-forwarding-html.fartit.com
Content-Length: 912
Connection: keep-alive
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0; _ga=GA1.3.127167284.1666815467; _gid=GA1.3.2001802361.1666815467; _gat_GSA_ENOR0=1; _gcl_au=1.1.1085998890.1666815467; _ga=GA1.1.127167284.1666815467; _gid=GA1.2.2001802361.1666815467; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1666815467.1.0.1666815467.0.0.0; _rdt_uuid=1666815467223.cfbe293e-f0c6-4a70-bc49-fca642663726; mdLogger=false; kampyleUserSession=1666815468593; kampyleSessionPageCounter=1; kampyleUserSessionsCount=2; _uetsid=422a1390556b11ed86cdc14275ce3f15; _uetvid=422a2a70556b11ed8b9b6df2fd842b35; _fbp=fb.1.1666815468325.761200410; _pin_unauth=dWlkPU1qQmhNems0WldFdE1qUXpaaTAwTnpBd0xUaGxZVEF0TWpneVpUbGtOamc0WVRJNA; _clsk=dad5x9|1666815468483|1|0|k.clarity.ms/collect; __ts_xfdF3__=326814162; _imp_apg_r_=%7B%22_fr%22%3A10000%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:49 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46a778e-e75b-47e4-aeb6-86c999571ae0.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46a778e-e75b-47e4-aeb6-86c999571ae0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83eeb2a673d2d0b119ba37fec52d30d1
e4d440e51b826e2cd69a00f4abf195971b2843df
4a15ba8118e9ecfe75177a4ae36fe97f14f4d9b4c6938d5863e7ae805bccb431
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46a778e-e75b-47e4-aeb6-86c999571ae0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6090
x-amzn-requestid: ab19f9fb-ebca-468d-9fb4-b70b4812a5b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alKjiEiNoAMFQ8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635857b0-63fc3f874e6015777194599c;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XP-AENoYybJ1Cfq20JeJepvlYgTQJB0uQ2CjLGZqwTQTcQvbscEL4w==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:49:23 GMT
etag: "e4d440e51b826e2cd69a00f4abf195971b2843df"
content-type: image/jpeg
age: 80910
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
usps-postage-mail-forwarding-html.fartit.com/__imp_apg__/api/imp/v1.0/report/?x
146.190.217.48 404 Not Found 315 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/__imp_apg__/api/imp/v1.0/report/?x
IP 146.190.217.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /__imp_apg__/api/imp/v1.0/report/?x HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
content-type: text/plain;charset=UTF-8
Origin: https://usps-postage-mail-forwarding-html.fartit.com
Content-Length: 472
Connection: keep-alive
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea; _clck=zfp1oy|1|f61|0; _ga=GA1.3.127167284.1666815467; _gid=GA1.3.2001802361.1666815467; _gat_GSA_ENOR0=1; _gcl_au=1.1.1085998890.1666815467; _ga=GA1.1.127167284.1666815467; _gid=GA1.2.2001802361.1666815467; _dc_gtm_UA-80133954-3=1; _ga_3NXP3C8S9V=GS1.1.1666815467.1.0.1666815467.0.0.0; _rdt_uuid=1666815467223.cfbe293e-f0c6-4a70-bc49-fca642663726; mdLogger=false; kampyleUserSession=1666815468593; kampyleSessionPageCounter=1; kampyleUserSessionsCount=2; _uetsid=422a1390556b11ed86cdc14275ce3f15; _uetvid=422a2a70556b11ed8b9b6df2fd842b35; _fbp=fb.1.1666815468325.761200410; _pin_unauth=dWlkPU1qQmhNems0WldFdE1qUXpaaTAwTnpBd0xUaGxZVEF0TWpneVpUbGtOamc0WVRJNA; _clsk=dad5x9|1666815468483|1|0|k.clarity.ms/collect; __ts_xfdF3__=832075202; _imp_apg_r_=%7B%22_fr%22%3A40404%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 20:17:53 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/js_002
146.190.217.48 200 OK 0 B URL HTTP/1.1 usps-postage-mail-forwarding-html.fartit.com/KNYGHT/1/js_002
IP 146.190.217.48:0
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /KNYGHT/1/js_002 HTTP/1.1
Host: usps-postage-mail-forwarding-html.fartit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usps-postage-mail-forwarding-html.fartit.com/USPSRT98UYR6M4ERWAR7OPIUY46HG13XVREDSAW7REW446GBVC13ERW89REW78IOUYT13OIYT210C23FGIUYPO98EQW445WAREX23NJKHL-089YUTE6EWRR469YTU6DSF3123BCVNK/1/
Cookie: PHPSESSID=201da116df1622e96d34b5010b53dcea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 20:17:46 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 14:13:20 GMT
Accept-Ranges: bytes
Content-Length: 162143
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive