urlscan.io logo urlscan.io
SecurityTrails logo

tracking-usps.businesess.co.za Open in urlscan Pro
196.41.130.163  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://tracking-usps.businesess.co.za/17dct.php
Submission Tags: phishing
Submission: On April 26 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 16 domains to perform 53 HTTP transactions. The main IP is 196.41.130.163, located in South Africa and belongs to OPTINET, ZA. The main domain is tracking-usps.businesess.co.za.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 25th 2021. Valid for: 3 months.
This is the only time tracking-usps.businesess.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
2 196.41.130.163 12258 (OPTINET)
2 104.111.216.57 16625 (AKAMAI-AS)
17 144.160.155.70 797 (AMERITECH-AS)
1 69.168.104.86 36271 (SYNACOR-C...)
4 9 54.170.210.188 16509 (AMAZON-02)
1 3.250.252.43 16509 (AMAZON-02)
1 1 3.120.52.200 16509 (AMAZON-02)
2 2 37.252.172.249 29990 (ASN-APPNEX)
2 2 35.244.174.68 15169 (GOOGLE)
1 104.244.42.3 13414 (TWITTER)
1 1 52.31.168.5 16509 (AMAZON-02)
1 2 72.21.206.140 16509 (AMAZON-02)
5 142.250.186.66 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
53 16
2    196.41.130.163 (South Africa)

ASN12258 (OPTINET, ZA)
PTR: cpt-cpanel-13.mweb.co.za
tracking-usps.businesess.co.za
2    104.111.216.57 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-57.deploy.static.akamaitechnologies.com
www.att.com
17    144.160.155.70 (United States)

ASN797 (AMERITECH-AS, US)
home.secureapp.att.net
1    69.168.104.86 (United States)

ASN36271 (SYNACOR-CLUSTER, US)
sadlib.static-app.synacor.com
9    54.170.210.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-210-188.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    3.250.252.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-250-252-43.eu-west-1.compute.amazonaws.com
att.demdex.net
1    3.120.52.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-200.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    52.31.168.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-168-5.eu-west-1.compute.amazonaws.com
ml314.com
2    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
5    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
5    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
1    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
01b72d2030385566562cb6154ec7e14a.safeframe.googlesyndication.com
6    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
17 home.secureapp.att.net tracking-usps.businesess.co.za
home.secureapp.att.net
9 dpm.demdex.net 4 redirects www.att.com
tracking-usps.businesess.co.za
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 securepubads.g.doubleclick.net sadlib.static-app.synacor.com
securepubads.g.doubleclick.net
tracking-usps.businesess.co.za
www.googletagservices.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 s.amazon-adsystem.com 1 redirects tracking-usps.businesess.co.za
2 idsync.rlcdn.com 2 redirects
2 ib.adnxs.com 2 redirects
2 www.att.com tracking-usps.businesess.co.za
2 tracking-usps.businesess.co.za tracking-usps.businesess.co.za
1 www.google.com securepubads.g.doubleclick.net
1 01b72d2030385566562cb6154ec7e14a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 ml314.com 1 redirects
1 analytics.twitter.com tracking-usps.businesess.co.za
1 aa.agkn.com 1 redirects
1 att.demdex.net www.att.com
1 sadlib.static-app.synacor.com tracking-usps.businesess.co.za
0 smetrics.att.com Failed www.att.com
53 21

This site contains links to these domains. Also see Links.

Domain
www.att.net
www.att.com
uverseonline.att.net
elportal.att.net
attreg.att.net
Subject Issuer Validity Valid
tracking-usps.businesess.co.za
cPanel, Inc. Certification Authority		 2021-04-25 -
2021-07-24		 3 months crt.sh
*.att.com
DigiCert SHA2 Secure Server CA		 2021-01-05 -
2022-01-09		 a year crt.sh
home.secureapp.att.net
DigiCert SHA2 Secure Server CA		 2020-07-10 -
2022-09-17		 2 years crt.sh
*.static-app.synacor.com
DigiCert SHA2 High Assurance Server CA		 2019-08-05 -
2021-08-25		 2 years crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://tracking-usps.businesess.co.za/17dct.php
Frame ID: F7D8DFE47471EEE96AF4DAA3933BB07F
Requests: 34 HTTP requests in this frame

Frame: https://att.demdex.net/dest5.html?d_nsid=0
Frame ID: 8754CD4830547AD6DEC535698F4F38C6
Requests: 7 HTTP requests in this frame

Frame: https://01b72d2030385566562cb6154ec7e14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E4859405B40F28A690949A3C7185C087
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5B686177F37CA71E889DFA267CF964B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite.js
Frame ID: 69449C0F40A15E7C4C40C89D514D2914
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 756C0BC27BE06E851AD2FCD07ACFD24C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

53
Requests

98 %
HTTPS

32 %
IPv6

16
Domains

21
Subdomains

16
IPs

4
Countries

825 kB
Transfer

1565 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=65200063955141452403850611345901639251 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=165011203768001141032 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=21&dpuuid=165011203768001141032
Request Chain 24
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=6253822551717092001 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=6253822551717092001
Request Chain 25
  • https://idsync.rlcdn.com/365868.gif?partner_uid=65200063955141452403850611345901639251 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNjUyMDAwNjM5NTUxNDE0NTI0MDM4NTA2MTEzNDU5MDE2MzkyNTEQABoNCIKInIQGEgUI6AcQAEIASgA HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=85507f6c02e91dc563af2606882e5abc7936fcf609a31198a83f2f851b12dfa3b0da87c991749652 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=85507f6c02e91dc563af2606882e5abc7936fcf609a31198a83f2f851b12dfa3b0da87c991749652
Request Chain 27
  • https://ml314.com/utsync.ashx?eid=50112&et=0&0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3618320625268424753 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3618320625268424753
Request Chain 28
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 17dct.php
tracking-usps.businesess.co.za/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
196.41.130.163 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
cpt-cpanel-13.mweb.co.za
Software
Apache /
Resource Hash
2ebde8e3a36a0f1f24fbe7f587cd693a531ef8bed2becd47adaef260620ee583

Request headers

Host
tracking-usps.businesess.co.za
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:40 GMT
Server
Apache
Content-Encoding
gzip
Vary
Accept-Encoding
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
detm-container-hdr.js
www.att.com/scripts/adobe/prod/ 		97 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.216.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ae996996376499e5a6e32ffc5e3b2cbf8efa7f13f55658f9b4b74929a3cb6297
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:18:40 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:09:16 GMT
server
AkamaiNetStorage
etag
"286f944d2dad305ef1a964aedca1da90:1617322156.852424"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, private, max-age=7776000
server-timing
cdn-cache; desc=HIT, edge; dur=1
edge-redirector-policy
legacy_att_redirects
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
27858
_fontface.css
home.secureapp.att.net/css/sso/slid/1201/ 		0
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/css/sso/slid/1201/_fontface.css
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"54148e-0-56dfc1864d200"
Last-Modified
Wed, 06 Jun 2018 16:59:52 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
text/css
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
0
X-XSS-Protection
1; mode=block
main_syn.css
home.secureapp.att.net/css/sso/slid/1201/ 		25 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
b9a3d7a9798fe06b2f4aef0bc3bbda08a14fd8a65db34cf864075e8c7ec78367
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"54148b-6498-56dfc18558fc0"
Last-Modified
Wed, 06 Jun 2018 16:59:51 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
text/css
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25752
X-XSS-Protection
1; mode=block
jquery-1.5.1.min.js
home.secureapp.att.net/js/jquery/ 		83 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"443d1a-14d0c-56dfbf4cf52c0"
Last-Modified
Wed, 06 Jun 2018 16:49:55 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
application/x-javascript
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
85260
X-XSS-Protection
1; mode=block
jquery.simplemodal.js
home.secureapp.att.net/js/jquery/simplemodal/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/js/jquery/simplemodal/jquery.simplemodal.js
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"54140b-24fd-56dfbf5772b80"
Last-Modified
Wed, 06 Jun 2018 16:50:06 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
application/x-javascript
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9469
X-XSS-Protection
1; mode=block
script_syn.js
home.secureapp.att.net/js/sso/slid/1201/ 		41 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/js/sso/slid/1201/script_syn.js
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
352b4b49c61c544f77a190243d398ea50aff0cce0f1d5d2a518c5f23165ec5d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"5414eb-a40b-5875885ba3c80"
Last-Modified
Thu, 25 Apr 2019 10:45:54 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
application/x-javascript
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
41995
X-XSS-Protection
1; mode=block
att.js
sadlib.static-app.synacor.com/client/att/ 		350 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sadlib.static-app.synacor.com/client/att/att.js
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.168.104.86 , United States, ASN36271 (SYNACOR-CLUSTER, US),
Reverse DNS
Software
nginx /
Resource Hash
bf14f0885f9b53df8e510e6dc4903a4c5d8c3132554b532bf53de2a3177bed6c

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
Content-Encoding
gzip
Age
0
Transfer-Encoding
chunked
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Tue, 13 Apr 2021 22:11:17 GMT
Server
nginx
ETag
"5792b-5bfe1e8c00b40"
Vary
Accept-Encoding
X-Varnish
406194322
Via
1.1 varnish
Cache-Control
max-age=300
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Mon, 26 Apr 2021 18:23:41 GMT
Button.png
home.secureapp.att.net/design/CDLS10/img/logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/CDLS10/img/logos/Button.png
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"8c04bf-9a2-583d5a2f82f40"
Last-Modified
Mon, 11 Mar 2019 18:21:09 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
image/png
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2466
X-XSS-Protection
1; mode=block
AT&T_logo.png
home.secureapp.att.net/design/CDLS10/img/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/CDLS10/img/logos/AT&T_logo.png
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"8c042d-d37-583d5a2e8ed00"
Last-Modified
Mon, 11 Mar 2019 18:21:08 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
image/png
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3383
X-XSS-Protection
1; mode=block
detm-container-ftr.js
www.att.com/scripts/adobe/prod/ 		581 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.att.com/scripts/adobe/prod/detm-container-ftr.js
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.216.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bfb9ce8a55af349aac152bf1ef818376642d93fb4c2ccc3f54332cacbce1ad8f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:18:41 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 23:04:26 GMT
server
AkamaiNetStorage
etag
"c7508b0191b26fbf61d7f89e013f14c9:1603839866.030563"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, private, max-age=7776000
server-timing
cdn-cache; desc=HIT, edge; dur=1
edge-redirector-policy
legacy_att_redirects
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
340
id
dpm.demdex.net/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1619461120718
Requested by
Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-210-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6ff918bb64cfba5c9f286260f5a5391f57c5817a042c913263881c4f1905dcfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v005-00e5100c1.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
zQplkn2VQRg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://tracking-usps.businesess.co.za
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
592
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mobile.css
home.secureapp.att.net/css/sso/slid/1201/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/css/sso/slid/1201/mobile.css
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
601f450bfc37544f6ebbdcbecf66d18121b3a6c99ff9ab31994769f1b08f6e86
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"9000ec-fa1-598318ebb1cc0"
Last-Modified
Mon, 25 Nov 2019 20:24:59 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
text/css
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4001
X-XSS-Protection
1; mode=block
id
smetrics.att.com/ 		0
0
webtrends.min.js
tracking-usps.businesess.co.za/commonLogin/igate_edam/staticContent/images/SLID/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking-usps.businesess.co.za/commonLogin/igate_edam/staticContent/images/SLID/js/webtrends.min.js
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
196.41.130.163 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
cpt-cpanel-13.mweb.co.za
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
tracking-usps.businesess.co.za
Accept-Language
en-US
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://tracking-usps.businesess.co.za/17dct.php
Cookie
AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=1994364360%7CMCIDTS%7C18744%7CMCMID%7C64923907630954168263824174952592916593%7CMCAAMLH-1620065920%7C6%7CMCAAMB-1620065920%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1619468320s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.4.0
Connection
keep-alive
Referer
https://tracking-usps.businesess.co.za/17dct.php
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
pageBg.png
home.secureapp.att.net/design/cdls10/img/ui/ 		169 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/cdls10/img/ui/pageBg.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"5a05d3-a9-584693b8bbf40"
Last-Modified
Tue, 19 Mar 2019 02:26:29 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
image/png
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
169
X-XSS-Protection
1; mode=block
btnSumbit.png
home.secureapp.att.net/img/sso/slid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/img/sso/slid/btnSumbit.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"58172d-573-583d5ba465f00"
Last-Modified
Mon, 11 Mar 2019 18:27:40 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
image/png
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1395
X-XSS-Protection
1; mode=block
footerBg.png
home.secureapp.att.net/design/CDLS10/img/ui/ 		560 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/CDLS10/img/ui/footerBg.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:42 GMT
ETag
"8c0053-230-584680e200d00"
Last-Modified
Tue, 19 Mar 2019 01:02:12 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
image/png
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
560
X-XSS-Protection
1; mode=block
attGlobalNavHeader-bg.gif
home.secureapp.att.net/design/cdls20/img/ui/ 		149 B
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/cdls20/img/ui/attGlobalNavHeader-bg.gif
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"5a05d7-95-58469479605c0"
Last-Modified
Tue, 19 Mar 2019 02:29:51 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
image/gif
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
149
X-XSS-Protection
1; mode=block
att_globe_blue_80x80.png
home.secureapp.att.net/design/CDLS10/img/logos/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/CDLS10/img/logos/att_globe_blue_80x80.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"581713-40c4-583d5a2f82f40"
Last-Modified
Mon, 11 Mar 2019 18:21:09 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
image/png
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16580
X-XSS-Protection
1; mode=block
support-icon.jpg
home.secureapp.att.net/img/sso/slid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/img/sso/slid/support-icon.jpg
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"58173b-615-583d5ba836800"
Last-Modified
Mon, 11 Mar 2019 18:27:44 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
image/jpeg
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1557
X-XSS-Protection
1; mode=block
txt-clear.png
home.secureapp.att.net/img/sso/slid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/img/sso/slid/txt-clear.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"58173d-cda-583d5ba836800"
Last-Modified
Mon, 11 Mar 2019 18:27:44 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
image/png
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3290
X-XSS-Protection
1; mode=block
ques.png
home.secureapp.att.net/img/sso/slid/ 		363 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/img/sso/slid/ques.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
unknown / unknown
Resource Hash
5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Frame-Options ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 26 Apr 2021 18:18:41 GMT
ETag
"581739-16b-583d5ba7425c0"
Last-Modified
Mon, 11 Mar 2019 18:27:43 GMT
Server
unknown
x-powered-by
unknown
X-Frame-Options
ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type
image/png
x-generator
unknown
Content-Security-Policy
frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
363
X-XSS-Protection
1; mode=block
dest5.html
att.demdex.net/ Frame 8754 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://att.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.250.252.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-250-252-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
att.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tracking-usps.businesess.co.za/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Referer
https://tracking-usps.businesess.co.za/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Mon, 26 Apr 2021 18:18:41 GMT
DCS
dcs-prod-irl1-1-v005-0ef81bf6f.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 22 Apr 2021 14:27:12 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
q2n6kY0pQ1s=
Content-Length
2791
Connection
keep-alive
demconf.jpg
dpm.demdex.net/ Frame 8754
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=65200063955141452403850611345901639251
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=165011203768001141032
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=21&dpuuid=165011203768001141032
42 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=21&dpuuid=165011203768001141032
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-210-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

DCS
dcs-prod-irl1-1-v005-096625527.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
IK6KFoj6TJk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v005-096625527.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
sOmE58zSSgE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=21&dpuuid=165011203768001141032
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
demconf.jpg
dpm.demdex.net/ Frame 8754
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=6253822551717092001
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=6253822551717092001
42 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=6253822551717092001
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-210-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

DCS
dcs-prod-irl1-1-v005-0c009086c.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qApwbgr5Qg4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v005-00de1037c.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
32oQWT6FR8A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=6253822551717092001
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
demconf.jpg
dpm.demdex.net/ Frame 8754
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=65200063955141452403850611345901639251
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNjUyMDAwNjM5NTUxNDE0NTI0MDM4NTA2MTEzNDU5MDE2MzkyNTEQABoNCIKInIQGEgUI6AcQAEIASgA
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=85507f6c02e91dc563af2606882e5abc7936fcf609a31198a83f2f851b12dfa3b0da87c991749652
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=85507f6c02e91dc563af2606882e5abc7936fcf609a31198a83f2f851b12dfa3b0da87c991749652
42 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=85507f6c02e91dc563af2606882e5abc7936fcf609a31198a83f2f851b12dfa3b0da87c991749652
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-210-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

DCS
dcs-prod-irl1-1-v005-056c20247.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
1w9B9RwZQCY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v005-0d13094cd.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GAzNfw9+RvE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=85507f6c02e91dc563af2606882e5abc7936fcf609a31198a83f2f851b12dfa3b0da87c991749652
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
adsct
analytics.twitter.com/i/ Frame 8754 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=65200063955141452403850611345901639251&p_id=38594
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Mon, 26 Apr 2021 18:18:42 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
276755d999cdc5d6fabd6e9dd5a6df4b
x-transaction
00b38d2b00288938
expires
Tue, 31 Mar 1981 05:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 8754
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3618320625268424753
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3618320625268424753
42 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3618320625268424753
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-210-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

DCS
dcs-prod-irl1-1-v005-008f20212.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3c2/44ADR0k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v005-02d3ecb1f.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Q5YUnuHNRT4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3618320625268424753
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dcm
s.amazon-adsystem.com/ Frame 8754
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 18:18:42 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 18:18:42 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/att/att.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
57f83c06cedade6f7f939dd10d4eaf36923b631578205a859792898506d3d7a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"854 / 598 of 1000 / last-modified: 1619435394"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21141
x-xss-protection
0
expires
Mon, 26 Apr 2021 18:18:42 GMT
pubads_impl_2021042101.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Apr 2021 08:38:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108325
x-xss-protection
0
expires
Mon, 26 Apr 2021 18:18:42 GMT
context.dll
home.secureapp.att.net/attportal/s/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.signIn.Pageviews.www-att-net&redirecturl=/i/s.gif?nocache=3928
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5863
x-xss-protection
0
server
cafe
etag
12453517290502062038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 19:02:35 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=tracking-usps.businesess.co.za
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 18:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tracking-usps.businesess.co.za
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 18:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=499427113852497&correlator=3578295519231813&output=ldjh&impl=fifs&eid=31060783%2C31060493&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210426&iu_parts=5284%2Csyn.att%2Clogin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1440x1024%7C1440x800%7C300x250%7C300x600&prev_scp=ar%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1619461123&dt=1619461123818&dlt=1619461120321&idt=2412&frm=20&biw=1600&bih=1200&oid=3&adxs=80&adys=112&adks=3592017840&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftracking-usps.businesess.co.za%2F17dct.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1440x-1&msz=1440x-1&ga_vid=2041984120.1619461124&ga_sid=1619461124&ga_hid=2091262108&ga_fc=false&fws=4&ohw=1440&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6ea11a9ba6b501e448079988721c92284404dcb090d11fcfee68b2e4ac2ce4f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:18:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12644
x-xss-protection
0
google-lineitem-id
4525080858
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138220541017
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tracking-usps.businesess.co.za
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
01b72d2030385566562cb6154ec7e14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E485 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://01b72d2030385566562cb6154ec7e14a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
01b72d2030385566562cb6154ec7e14a.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tracking-usps.businesess.co.za/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Referer
https://tracking-usps.businesess.co.za/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 26 Apr 2021 18:18:43 GMT
expires
Tue, 26 Apr 2022 18:18:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B68 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tracking-usps.businesess.co.za/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Referer
https://tracking-usps.businesess.co.za/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 26 Apr 2021 18:15:30 GMT
expires
Tue, 26 Apr 2022 18:15:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
193
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 6944 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8a2b3462c740c8347f2e5db24143b43e7cfd0adfae2f65f3ae30254985a300e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
8606185217770904955
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 18:04:27 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 6944 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23c061e7d440b7804c374dae567e47162a04cacc44e35b5c35065629d8f2b3ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1186
x-xss-protection
0
server
cafe
etag
6564122956844895608
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 18:15:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6944 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Mon, 26 Apr 2021 18:18:43 GMT
l
www.google.com/ads/measurement/ Frame 6944 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjfwMtPJHP7fV6OuXUDJAD-zkIiVFtGTo42mek6FlBaNkwjSYk2re_zLLrHmhMM0g7vPVb
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers
12894751337434499664
tpc.googlesyndication.com/simgad/ Frame 6944 		224 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12894751337434499664
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e38bbb7c1392079c33536ebd44493c90cb149088a88ef57e86e8f85bf583acb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 14:04:56 GMT
x-content-type-options
nosniff
age
15227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229259
x-xss-protection
0
last-modified
Tue, 19 Dec 2017 18:44:36 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Apr 2022 14:04:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6944 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOvj_QoCLEfz31kVnOK1V6fGxiZuPzAENklpIhZM1zzqNip7SQaGjyh0VSZ34bqLBtFjBDhYjchrt23KmaZGvZp-m_pJnuIjBBwQZKfSvDOr4zfhNs8AO_B_Q2qoeZczszbTQemElJJQEV8EsM-s6ZIATsLTMYMtn4Qa7xsXQlDB8OeRIvQHqIky18N25WXbyJnB1MX5Sz1kYEqRJvKXCqQRpMFNirfQ-L_FC_7ToZ6NBkXwEmUFyUZhoK-YGHG4CydHURGjg9T9BJoDnQ4G_voKanED6ywGjgd6qnI00UGRes1IchoeyErKyZV0cg&sai=AMfl-YRaHEUltj_U7CPzXWoLCbMRmDd6p_AhTsalfdpqbR2SoVoK5JCUpzNIaqhN605seNGfWrin1nazL7NwVFTFnmZPsj5A4bqmbn8dvgiNVptnj4cRW5svjlLoQ8PXt4k&sig=Cg0ArKJSzEG7H5PBSlxhEAE&adurl=
Requested by
Host: tracking-usps.businesess.co.za
URL: https://tracking-usps.businesess.co.za/17dct.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 18:18:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 26 Apr 2021 18:18:43 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Mon, 26 Apr 2021 18:18:43 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a11c1e946666c77f96226761e7a0795065ab1f17f4e48f88285514e81bad079b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 18:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6969
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 26 Apr 2021 18:18:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6944 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSlnrHiJ5LUHxKKIOH5fazk38zrOZP3kRwn609B2j0KKJWiuGICwSGMQAqY-KSsK5-hsCmHJH_zUxTA4Fdq8uU4EkHYInQObEaMaz8DqHB0-qSLM0BhqmTrCI8DKvk5U-W47bn3PDyrHMLFs61tuuaUPg6ijNX8vmUhhvMU81Iuc47VeSLy7KwVXhosknoVEkArgwcyRbeiB98QgGEfkKDIEYeBhWRP7vq6ONWQXKVSfbFp83bS-elPUDKExMvOnEnBPJAvrVAF-n6hDTZ4yEsxhU-V2vfl7nsql_NuY7a79AVFJ4mgbYmUEQD2Vjbot8&sai=AMfl-YThD0U0vezeaUmJKRmqzE3S9xijPbu-9IgLslHFEWLDFwltJGBbybYuDOoMwpIj9pafC0g6qGkHMb_bUgLt3YcBkfwM6jqaYoj8ssYwK7VxixPF2K5pQKuAmlOKDrs&sig=Cg0ArKJSzJs-2XNBfHHGEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 18:18:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 26 Apr 2021 18:18:44 GMT
truncated
/ Frame 6944 		551 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79161668c7e4a494f5c4831c6409a90280a66389c1cee5d6ceecfe3479de48b1

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 756C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tracking-usps.businesess.co.za/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Referer
https://tracking-usps.businesess.co.za/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 26 Apr 2021 18:15:32 GMT
expires
Tue, 26 Apr 2022 18:15:32 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
192
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 756C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 18:02:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
965
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Tue, 26 Apr 2022 18:02:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042101&jk=499427113852497&bg=!r6ylrOjNAAZUuIlwVLg7ACkAdvg8WvE0cRthKdCh0r4uGKW-_2c7ig0z_3kmSFDfm6jgKncZ34txJwIAAABcUgAAABFoAQcKASFjCGT54S0tMZGa7-CjQi8dNb-a0kP9RpEdImDwu7j9PhBX8nqJ2sYxUm4JTKY8HrKUSYmhW0lndnQECP4M4waICb626PEbdW7r1ojZFeRK0urZqsgUwcnXAe-fWw6qfqNMS4Lv0EXrVVM2B-y2IFpH9AC4SxUtKVw5o0gQF71qFTs00OyamtgBvK9zjDdUaprD_qfOIRK5uRLcrl9hibPr3cvdfVgPKJE7fIViLBCcCOq3x6E_cPb2NULZKPnk36IhgpKvznzLkb9VBcUXWJsPatm-eozN5ZtJc7fAys1BfLiVwhdxibl101ApiwNze9M4CceYn7-JsBv8E5nuykyF6DN9EKDJ001zgVbM3coE0wsz8hlw0FbnSuvJlMEhqKJImQIiUu3mgPkPl8BQU6BUqbF9LqFcVaqQsC5jOcnJvFCXTGjyYWl1G0xKD2W7A01mFu2wdZRdjlct3ptzZLp002vg8tuR8POlILJzqmGyxWoFm3U94cEXGRxGjvvkilEUDw8CmckshxkxpOZFWmjH3XKOjQphkt46eF6FSA6lbpl7pqY7AQojmMls2XxhQti5dwYrOrO24tCrui0v34KrQqQkaMHgd7BvojpB-gJ-3cHNDGbtVtlMQpjdnpW_63nJR0Th_l8Y9AnwGqHaeaOugOVoN9WWdEUPFYbvcgnMYF1_Q-VUufupWO7sjV5fMJI8zvq7BM0Eo5lhA92XpoXHk6-wkl5MsLtM1pqUcDBYbY5jS-T3u49Q0Y-wrdqB32_KyD1Z5SKRokCETmRczZ4xmoOnz_meZgN8cVgRt09jimHfZfk8m8g_5XpSEJEwyBauljd5cLhBMCkehvSnnM3SPRE9PArqAU-f-OgNnPZ4peXxg5GbKM9oLV48a4FkBQNBkXQ3LM-sBIOajSXYO7RlUBd6fdvvr6eV57x3hIv1nHZr39pXbvBHRbDkM8QVAF9Vfb2LRJOgAHMzghDzvmbEne-9pPRHAd9cx31v31iI1T7kz9MqevPsNAtIs12TPDGYcfrF5k6_h1SNh68yvmQWEK30zH3EQGT2cXimSe9XQySFGU1GRGBtGJFgQF4k8tb_szIonhT7_3x2lrk_ttZuSl3X7JF-
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 18:18:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6944 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBehVmOCf_U0rBoj3qdDjsrY0hv9yluixrK_ypQae-c79EfaMUTsKfYCVKPclP_yFlQTN_1H3SvZwSCGDYYVn3E8LmB1whjwLIk7lllEQ&sig=Cg0ArKJSzP7otlsHHkRVEAE&id=lidar2&mcvt=1000&p=112,80,1222,1520&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210423&bin=7&avms=nio&bs=1600,1200&mc=0.92&app=0&itpl=3&adk=3592017840&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619461123897&dlt=0&rpt=133&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tracking-usps.businesess.co.za/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 18:18:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
smetrics.att.com
URL
https://smetrics.att.com/id?d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=55633F7A534535110A490D44%40AdobeOrg&mid=64923907630954168263824174952592916593&ts=1619461120771

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| mid string| adobe_mc string| href undefined| analytics_app_visitor_id undefined| ts undefined| newurl object| detm_last_link_info function| isIE function| _pageLoadDetector function| _earlyAnalytics function| e boolean| disableAudienceManager object| visitor object| DataMappingInterface string| detm_tag_notification_key string| legacyModeKey object| scripts object| script string| src function| satelliteDetector function| scriptExecutor string| filesadded boolean| monecontwatched function| loadAdsFile function| injectHtmlTag function| executeMonetizationTagInjection function| injectMonetization function| iterateANConfigObj function| findAccurateConfig undefined| detmScriptLoaderConfig function| detmScriptLoader undefined| detmLoader undefined| AllowDelayedLoad object| earlyAnalytics object| chatAnalytics function| Visitor object| s_c_il number| s_c_in boolean| detmDisabled object| detmScriptExecutor function| detmDomainMapper object| detmTagControls object| antiClickjack undefined| noFrameBusting function| $ function| jQuery string| agent string| ORIGINATION_POINT_URL string| RETURN_URL string| CANCEL_URL function| getWindowWidth function| getWindowHeight function| setRegURL function| logPgvw function| refer function| submitForm function| trimAll function| chkTick function| unchkTick function| getElementsByClassName function| btnChange function| acctSelBtnEnable function| ie6Img function| getYadContents function| init undefined| countdownElement function| overlay function| cancelLoad function| Redirecturl string| focusableElementsString function| trapTabKey function| webtrendsAsyncInit function| detmExecuteFooter string| q1Zidx string| q2Zidx object| Sadlib_Config object| TN8 object| SW_Config object| rubicontag object| googletag object| Sadlib object| SynDetectPii object| sadlib object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests

3 Cookies

Domain/Path Name / Value
.demdex.net/ Name: dextp
Value: 21-1-1619461121859|358-1-1619461121968|477-1-1619461122082|1123-1-1619461122196|22052-1-1619461122301|139200-1-1619461122402
.businesess.co.za/ Name: AMCV_55633F7A534535110A490D44%40AdobeOrg
Value: 1994364360%7CMCIDTS%7C18744%7CMCMID%7C64923907630954168263824174952592916593%7CMCAAMLH-1620065920%7C6%7CMCAAMB-1620065920%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1619468320s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.4.0
.businesess.co.za/ Name: AMCVS_55633F7A534535110A490D44%40AdobeOrg
Value: 1

2 Console Messages

Source Level URL
Text
console-api log URL: https://sadlib.static-app.synacor.com/client/att/att.js(Line 1)
Message:
Targeting Providers Timeout,1155ms
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

01b72d2030385566562cb6154ec7e14a.safeframe.googlesyndication.com
aa.agkn.com
adservice.google.com
adservice.google.de
analytics.twitter.com
att.demdex.net
dpm.demdex.net
home.secureapp.att.net
ib.adnxs.com
idsync.rlcdn.com
ml314.com
pagead2.googlesyndication.com
s.amazon-adsystem.com
sadlib.static-app.synacor.com
securepubads.g.doubleclick.net
smetrics.att.com
tpc.googlesyndication.com
tracking-usps.businesess.co.za
www.att.com
www.google.com
www.googletagservices.com
smetrics.att.com
104.111.216.57
104.244.42.3
142.250.186.66
144.160.155.70
196.41.130.163
2a00:1450:4001:802::2001
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:82b::2002
3.120.52.200
3.250.252.43
35.244.174.68
37.252.172.249
52.31.168.5
54.170.210.188
69.168.104.86
72.21.206.140
01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b
23c061e7d440b7804c374dae567e47162a04cacc44e35b5c35065629d8f2b3ce
27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0
2e38bbb7c1392079c33536ebd44493c90cb149088a88ef57e86e8f85bf583acb
2ebde8e3a36a0f1f24fbe7f587cd693a531ef8bed2becd47adaef260620ee583
352b4b49c61c544f77a190243d398ea50aff0cce0f1d5d2a518c5f23165ec5d1
57f83c06cedade6f7f939dd10d4eaf36923b631578205a859792898506d3d7a7
59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9
5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5
601f450bfc37544f6ebbdcbecf66d18121b3a6c99ff9ab31994769f1b08f6e86
61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6ea11a9ba6b501e448079988721c92284404dcb090d11fcfee68b2e4ac2ce4f5
6ff918bb64cfba5c9f286260f5a5391f57c5817a042c913263881c4f1905dcfa
70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
79161668c7e4a494f5c4831c6409a90280a66389c1cee5d6ceecfe3479de48b1
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9
9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128
a11c1e946666c77f96226761e7a0795065ab1f17f4e48f88285514e81bad079b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8a2b3462c740c8347f2e5db24143b43e7cfd0adfae2f65f3ae30254985a300e
a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae996996376499e5a6e32ffc5e3b2cbf8efa7f13f55658f9b4b74929a3cb6297
b9a3d7a9798fe06b2f4aef0bc3bbda08a14fd8a65db34cf864075e8c7ec78367
bf14f0885f9b53df8e510e6dc4903a4c5d8c3132554b532bf53de2a3177bed6c
bfb9ce8a55af349aac152bf1ef818376642d93fb4c2ccc3f54332cacbce1ad8f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f