www.postaluniformxpress.com Open in urlscan Pro
2606:4700::6811:6324 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://postaluniformxpress.com/
Effective URL:
https://www.postaluniformxpress.com/
Submission: On July 15 via automatic, source certstream-suspicious (July 15th 2021, 2:31:22 pm UTC)

Summary HTTP 41 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 41 HTTP transactions. The main IP is 2606:4700::6811:6324, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.postaluniformxpress.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2021. Valid for: a year.

This is the only time www.postaluniformxpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6811:fb1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700::68... 2606:4700::6811:6324	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.96.42 13.224.96.42	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 6	52.57.60.131 52.57.60.131	16509 (AMAZON-02) (AMAZON-02)
2	13.224.96.102 13.224.96.102	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	34.117.30.199 34.117.30.199	15169 (GOOGLE) (GOOGLE)
3	217.175.192.43 217.175.192.43	199236 (EMARSYS-A...) (EMARSYS-AS Emarsys eMarketing Systems AG)
41	14

1 2606:4700::6811:fb1b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

postaluniformxpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6811:6324 (United States)

ASN13335 (CLOUDFLARENET, US)

www.postaluniformxpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-42.zrh50.r.cloudfront.net

cdn.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.57.60.131 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-60-131.eu-central-1.compute.amazonaws.com

recommender.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-102.zrh50.r.cloudfront.net

static.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.30.199 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 199.30.117.34.bc.googleusercontent.com

webchannel-content.eservice.emarsys.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.175.192.43 (Austria)

ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT)

link.postaluniformsdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
link.postaluniformxpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
suite34.emarsys.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	postaluniformxpress.com 1 redirects postaluniformxpress.com www.postaluniformxpress.com link.postaluniformxpress.com	343 KB
9	scarabresearch.com 2 redirects cdn.scarabresearch.com recommender.scarabresearch.com static.scarabresearch.com	74 KB
7	google-analytics.com www.google-analytics.com	20 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	emarsys.net webchannel-content.eservice.emarsys.net suite34.emarsys.net	20 KB
2	google.de www.google.de	172 B
2	google.com 1 redirects www.google.com	137 B
2	googleadservices.com www.googleadservices.com	15 KB
1	postaluniformsdirect.com link.postaluniformsdirect.com	43 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
41	10

	Domain	Requested by
15	www.postaluniformxpress.com	www.postaluniformxpress.com
7	www.google-analytics.com	www.postaluniformxpress.com www.google-analytics.com
6	recommender.scarabresearch.com	2 redirects cdn.scarabresearch.com
2	www.google.de	www.postaluniformxpress.com
2	www.google.com	1 redirects www.postaluniformxpress.com
2	static.scarabresearch.com	cdn.scarabresearch.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
1	suite34.emarsys.net	static.scarabresearch.com
1	link.postaluniformxpress.com
1	link.postaluniformsdirect.com
1	webchannel-content.eservice.emarsys.net	static.scarabresearch.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.postaluniformxpress.com
1	cdn.scarabresearch.com	www.postaluniformxpress.com
1	postaluniformxpress.com	1 redirects
41	16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-15` - `2022-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.scarabresearch.com Amazon	`2020-11-23` - `2021-12-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
webchannel-content.eservice.emarsys.net R3	`2021-07-03` - `2021-10-01`	3 months	crt.sh
link.postaluniformsdirect.com R3	`2021-06-24` - `2021-09-22`	3 months	crt.sh
link.postaluniformxpress.com R3	`2021-06-06` - `2021-09-04`	3 months	crt.sh
*.emarsys.net Sectigo RSA Domain Validation Secure Server CA	`2021-01-13` - `2022-02-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.postaluniformxpress.com/
Frame ID: 86A7411EF0944497CF47B5CDAF81F38C
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://postaluniformxpress.com/ HTTP 301
https://www.postaluniformxpress.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

41
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

16
Subdomains

14
IPs

4
Countries

553 kB
Transfer

1374 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/PostalUniformXpressPUX/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://postaluniformxpress.com/ HTTP 301
https://www.postaluniformxpress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068979560/?random=1906082447&cv=9&fst=1626359462976&num=1&value=0&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.postaluniformxpress.com%2F&tiba=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&auid=449208808.1626359463&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=pkbwYK-SPIi-3gO-jKXADQ&sscte=1&crd=&eitems=ChAI8Lm_hwYQy9KR4ZnAnfw7Eh0A7wKBKHxcq_FEPfWHdlk9r8JIkkxThAxTpO57kg HTTP 302
https://www.google.com/pagead/1p-conversion/1068979560/?random=1906082447&cv=9&fst=1626359462976&num=1&value=0&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.postaluniformxpress.com%2F&tiba=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&auid=449208808.1626359463&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=pkbwYK-SPIi-3gO-jKXADQ&eitems=ChAI8Lm_hwYQy9KR4ZnAnfw7Eh0A7wKBKFFG9p_C0E1jVu9T5t5IWXpcFKusp6QGtw&random=2823849892&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1068979560/?random=1906082447&cv=9&fst=1626359462976&num=1&value=0&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.postaluniformxpress.com%2F&tiba=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&auid=449208808.1626359463&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=pkbwYK-SPIi-3gO-jKXADQ&eitems=ChAI8Lm_hwYQy9KR4ZnAnfw7Eh0A7wKBKFFG9p_C0E1jVu9T5t5IWXpcFKusp6QGtw&random=2823849892&resp=GooglemKTybQhCsO&ipr=y

Request Chain 31

https://recommender.scarabresearch.com/merchants/144673B55D57FD63/?v=i%3AsnqiE9L-an.1%2Ct%3AWEBPERSONALIZATION_LOAD%2Cc%3AAAAA&q=%7B%7D&redirect_to=https%3A%2F%2Frecommender.scarabresearch.com%2Fis_alive HTTP 302
https://recommender.scarabresearch.com/is_alive

Request Chain 37

https://recommender.scarabresearch.com/merchants/144673B55D57FD63/?v=i%3AsnqiE9L-an.1%2Ct%3AWEBPERSONALIZATION_SHOW%2Cc%3AAAAA&q=%7B%7D&redirect_to=https%3A%2F%2Frecommender.scarabresearch.com%2Fis_alive HTTP 302
https://recommender.scarabresearch.com/is_alive

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.postaluniformxpress.com/
Redirect Chain

https://postaluniformxpress.com/
https://www.postaluniformxpress.com/

20 KB
6 KB

771ms
738ms

Document
text/html

2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b1c65741e09bc95d1b00a3fbf601edbcafea3d306000782f0ad9230f05c875d

Request headers

Host: www.postaluniformxpress.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
Content-Type: text/html; charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
CacheControl: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: xwecp.COM=000000083950871334628582156555; SECURE; HTTPONLY; xwecp.COM=000000083950872173450350842182; SECURE; HTTPONLY;
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 66f3b12d1cc64ebc-FRA
Content-Encoding: gzip

Redirect headers

Date: Thu, 15 Jul 2021 14:31:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 15 Jul 2021 15:31:01 GMT
Location: https://www.postaluniformxpress.com/
cf-request-id: 0b4c2d0ff100000601102ad000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 66f3b12cbe120601-FRA

GET
H/1.1 200
OK pux.css
www.postaluniformxpress.com/css/ 33 KB
8 KB 48ms
46ms Stylesheet
text/css 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postaluniformxpress.com/css/pux.css?ts=000000020140927
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a779884658b025d943adbcab7330b4c4fa276c994ee2db37f35f3575c24804

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 780
Cf-Polished: origSize=42371
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Nov 2018 18:06:18 GMT
Server: cloudflare
ETag: W/"a583-57b309b515a80-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css; charset=windows-1252
Expires: Thu, 15 Jul 2021 18:31:02 GMT
Cache-Control: public, max-age=14400
CF-RAY: 66f3b1326c354ebc-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK jquery-ui.css
www.postaluniformxpress.com/js/jquery-ui-1.12.1/ 31 KB
8 KB 50ms
35ms Stylesheet
text/css 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postaluniformxpress.com/js/jquery-ui-1.12.1/jquery-ui.css?ts=000000020140927
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99064ce4c114c7ce1f391742decc455c7c3bf72801793ffc93b78ac26014dd21

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 780
Cf-Polished: origSize=37240
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Nov 2018 22:06:48 GMT
Server: cloudflare
ETag: W/"9178-57b988c9e8e00-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css; charset=windows-1252
Expires: Thu, 15 Jul 2021 18:31:02 GMT
Cache-Control: public, max-age=14400
CF-RAY: 66f3b1328ce4dfff-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
www.postaluniformxpress.com/js/ 85 KB
30 KB 68ms
52ms Script
application/javascript 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postaluniformxpress.com/js/jquery-3.3.1.min.js?ts=000000020140927
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 780
Connection: keep-alive
Content-Length: 30307
Last-Modified: Mon, 14 Jan 2019 15:33:14 GMT
Server: cloudflare
ETag: "1538f-57f6cc356e280-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 66f3b1328efd4e86-FRA
Expires: Thu, 15 Jul 2021 18:31:02 GMT

GET
H/1.1 200
OK jquery-ui.js Show response
www.postaluniformxpress.com/js/jquery-ui-1.12.1/ 509 KB
123 KB 53ms
37ms Script
application/javascript 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postaluniformxpress.com/js/jquery-ui-1.12.1/jquery-ui.js?ts=000000020140927
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711b969dfdd14cddcb572ece97d5688e0a0b19f85940040dd93a1f18daf0b992

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 26 Nov 2018 23:12:25 GMT
Server: cloudflare
Age: 780
ETag: "7f20c-57b9977486840-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 66f3b1328d724aaf-FRA
Expires: Thu, 15 Jul 2021 18:31:02 GMT

GET
H/1.1 200
OK pux.js Show response
www.postaluniformxpress.com/js/ 51 KB
11 KB 46ms
29ms Script
application/javascript 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postaluniformxpress.com/js/pux.js?ts=000000020140927
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce3f5edbf53b3b981a7baf86aeb3492dcaf018af96ca69297443eebfe6c55be

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 780
Connection: keep-alive
Content-Length: 10957
Last-Modified: Mon, 14 Jan 2019 20:36:37 GMT
Server: cloudflare
ETag: "cae4-57f7100529f40-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 66f3b13288ab4a98-FRA
Expires: Thu, 15 Jul 2021 18:31:02 GMT

GET
H/1.1 200
OK pux.jpg
www.postaluniformxpress.com/images/ 16 KB
16 KB 27ms
26ms Image
image/jpeg 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postaluniformxpress.com/images/pux.jpg
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed59b70e2f4eab78ee6ca790514d929884a1647c5ad1b3936300e74247012c43

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
CF-Cache-Status: HIT
Age: 112
Connection: keep-alive
Content-Length: 16245
Last-Modified: Tue, 21 Jan 2014 19:56:55 GMT
Server: cloudflare
ETag: "3f75-4f08069010fc0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Expires: Thu, 15 Jul 2021 15:31:02 GMT
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
CF-RAY: 66f3b132de2b4aaf-FRA
Cf-Bgj: h2pri

GET
H/1.1 200
OK minicart.gif
www.postaluniformxpress.com/images/ 157 B
659 B 22ms
22ms Image
image/gif 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postaluniformxpress.com/images/minicart.gif
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13fd20e6ce5803fff55a9fe8b4c4c32031d77309f64b20f41a7d048a32c1f5e4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 24 Jan 2014 17:01:26 GMT
Server: cloudflare
Age: 112
ETag: "9d-4f0ba4ef36580"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 66f3b132e8074e86-FRA
Content-Length: 157
Expires: Thu, 15 Jul 2021 15:31:02 GMT

GET
H/1.1 200
OK 2014-06-02-PUXCRAFT-AH.gif
www.postaluniformxpress.com/photos/pux/ 12 KB
13 KB 22ms
20ms Image
image/gif 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postaluniformxpress.com/photos/pux/2014-06-02-PUXCRAFT-AH.gif
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e735f7b0d54db4af417e967dd4984ad4ae9fdd6de142fa934d1ee1fcb58db9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
CF-Cache-Status: HIT
Last-Modified: Thu, 20 Aug 2020 17:15:34 GMT
Server: cloudflare
Age: 112
ETag: "311f-5ad5244a2d980"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 66f3b1330dbddfff-FRA
Content-Length: 12575
Expires: Thu, 15 Jul 2021 15:31:02 GMT

GET
H/1.1 200
OK 2014-02-21-PUXHOME-H1.jpg
www.postaluniformxpress.com/photos/pux/ 83 KB
83 KB 39ms
37ms Image
image/jpeg 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postaluniformxpress.com/photos/pux/2014-02-21-PUXHOME-H1.jpg
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93d4565b77810c8d91222f8a9965a96f2d372ef1a120439dbb2d204d14133b0d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
CF-Cache-Status: HIT
Age: 112
Connection: keep-alive
Content-Length: 84899
Last-Modified: Fri, 28 Feb 2014 03:49:00 GMT
Server: cloudflare
ETag: "14ba3-4f36f516f2300"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Expires: Thu, 15 Jul 2021 15:31:02 GMT
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
CF-RAY: 66f3b1330a584a98-FRA
Cf-Bgj: h2pri

GET
H/1.1 200
OK uspstruckv2.gif
www.postaluniformxpress.com/photos/gpostal/ 14 KB
14 KB 22ms
20ms Image
image/gif 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postaluniformxpress.com/photos/gpostal/uspstruckv2.gif
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a412d38c6f8239cb1982f2ad7acb32fcc4b7c80c84b8a1a853af1ee3ee22f7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 03 Mar 2017 02:09:36 GMT
Server: cloudflare
Age: 112
ETag: "36cc-549ca098cd800"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 66f3b1330e114ebc-FRA
Content-Length: 14028
Expires: Thu, 15 Jul 2021 15:31:02 GMT

GET
H/1.1 200
OK users_icon_delete.jpg
www.postaluniformxpress.com/images/ 555 B
1 KB 45ms
42ms Image
image/jpeg 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postaluniformxpress.com/images/users_icon_delete.jpg
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae043cb6eb74ff3adf7b4ab951f64f881b996f2e846baac1b9e471a5b1b3adf

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
CF-Cache-Status: HIT
Age: 112
Connection: keep-alive
Content-Length: 555
Last-Modified: Wed, 13 Jun 2012 12:36:34 GMT
Server: cloudflare
ETag: "22b-4c259d5577880"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Expires: Thu, 15 Jul 2021 15:31:02 GMT
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
CF-RAY: 66f3b1330e864aaf-FRA
Cf-Bgj: h2pri

GET
H/1.1 200
OK licensed-uniform-vendor.jpg
www.postaluniformxpress.com/images/ 6 KB
6 KB 31ms
28ms Image
image/jpeg 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postaluniformxpress.com/images/licensed-uniform-vendor.jpg
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2929bb97f11258db181f03e0356f9f9b46f6039bb5d6137c913efe29d8a2043b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
CF-Cache-Status: HIT
Age: 111
Connection: keep-alive
Content-Length: 5947
Last-Modified: Thu, 12 Dec 2013 20:25:59 GMT
Server: cloudflare
ETag: "173b-4ed5c274d63c0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Expires: Thu, 15 Jul 2021 15:31:02 GMT
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
CF-RAY: 66f3b13308554e86-FRA
Cf-Bgj: h2pri

GET
H/1.1 200
OK facebook39.png
www.postaluniformxpress.com/images/ 3 KB
4 KB 64ms
55ms Image
image/png 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postaluniformxpress.com/images/facebook39.png
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505f2d3b54b977bc173416f0a37fb4996475f6b5d9bab41fce454dfd5f855cf7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.postaluniformxpress.com/
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
CF-Cache-Status: HIT
Last-Modified: Thu, 30 Jan 2014 23:45:09 GMT
Server: cloudflare
Age: 111
ETag: "dc3-4f138a5cd4b40"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 66f3b1331c383248-FRA
Content-Length: 3523
Expires: Thu, 15 Jul 2021 15:31:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6003
date: Thu, 15 Jul 2021 12:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 15 Jul 2021 14:50:59 GMT

GET
H/1.1 200
OK scarab-v2.js Show response
cdn.scarabresearch.com/js/118292D0EB0AA77D/ 105 KB
25 KB 88ms
29ms Script
application/javascript 13.224.96.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.scarabresearch.com/js/118292D0EB0AA77D/scarab-v2.js
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-42.zrh50.r.cloudfront.net
Software: /
Resource Hash: 5d48e9c0bc1f681f7c570263bb4bfd3b62035c9cb3e402959f84686e311e3256

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:29:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Age: 112
ETag: "d5b5c4d7bcf8f2ac3aaaa0706a8affaf--gzip"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript;charset=utf-8
Via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
Cache-Control: max-age=3600,public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
Timing-Allow-Origin: *
X-Amz-Cf-Id: _4_e1wPzjkW1be7jlttGZ5orXaIUgM4JdcsBSGZAD_b_ERYCuO7S1w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 97 KB
37 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5J9BWN

Requested by

Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0a824436c7ab45b564158e8246ed7ca55229a3cc345c41d58c7feb99b4b52da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 14:31:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38113
x-xss-protection: 0
last-modified: Thu, 15 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jul 2021 14:31:02 GMT

GET
H/1.1 200
OK goUp.jpg
www.postaluniformxpress.com/images/ 2 KB
2 KB 24ms
22ms Image
image/jpeg 2606:4700::6811:6324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postaluniformxpress.com/images/goUp.jpg
Requested by: Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/css/pux.css?ts=000000020140927
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:6324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c87d55745ad69fbb246f4163480567b6ed9088d0d33c26e219a8d7e099ac6d4c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.postaluniformxpress.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.postaluniformxpress.com/css/pux.css?ts=000000020140927
Cookie: xwecp.COM=000000083950872173450350842182
Connection: keep-alive
Referer: https://www.postaluniformxpress.com/css/pux.css?ts=000000020140927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:02 GMT
CF-Cache-Status: HIT
Age: 111
Connection: keep-alive
Content-Length: 1659
Last-Modified: Tue, 11 Feb 2014 23:50:08 GMT
Server: cloudflare
ETag: "67b-4f22a1db82c00"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Expires: Thu, 15 Jul 2021 15:31:02 GMT
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
CF-RAY: 66f3b1332e11dfff-FRA
Cf-Bgj: h2pri

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
94 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-1719598-3&cid=987220872.1626359463&jid=1850550893&gjid=1662425373&_gid=1460406689.1626359463&_u=IGBAgEABAAAAAE~&z=257630468

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 15 Jul 2021 14:31:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.postaluniformxpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=38743519&t=pageview&_s=1&dl=https%3A%2F%2Fwww.postaluniformxpress.com%2F&ul=en-us&de=windows-1252&dt=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1850550893&gjid=1662425373&cid=987220872.1626359463&tid=UA-1719598-3&_gid=1460406689.1626359463&z=1112751939

Requested by

Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 00:36:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50081
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 17ms
17ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5J9BWN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 14:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13978
x-xss-protection: 0
server: cafe
etag: 8394079078796230488
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 14:31:02 GMT

GET
H3-29 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
761 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 13:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2794
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Thu, 15 Jul 2021 14:44:28 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/1068979560/ 2 KB
1 KB 16ms
16ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1068979560/?random=1626359462976&cv=9&fst=1626359462976&num=1&value=0&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.postaluniformxpress.com%2F&tiba=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&auid=449208808.1626359463&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef49577a2cfa778daa5e071935833ba153ef765960a3410c268e6c4b9117da7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 14:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068979560/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068979560/?random=1626359462981&cv=9&fst=1626359462981&num=1&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.postaluniformxpress.com%2F&tiba=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

519ec051f782335b9f8af7c6018325a233ad2fff1e6c9b1259feebf3f477358b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 14:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
recommender.scarabresearch.com/merchants/118292D0EB0AA77D/ 89 B
657 B 58ms
14ms XHR
application/json 52.57.60.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommender.scarabresearch.com/merchants/118292D0EB0AA77D/?pv=1057612391&xp=1&cv=1&ca=&cp=1
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/118292D0EB0AA77D/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.60.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-60-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7a9b9bcd4729786e33b7cbbbb074afbddabc8665a224d65debda708273b1ee25

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:03 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Vary: Accept-Encoding, User-Agent
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.postaluniformxpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 89
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK wploader.js Show response
static.scarabresearch.com/wpjs/ 31 KB
11 KB 89ms
29ms Script
application/javascript 13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scarabresearch.com/wpjs/wploader.js?ts=2689
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/118292D0EB0AA77D/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84cb31671c592dcf7029d43596c26acc8430b390ae0cb5c82f651279a1630179

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:45:03 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 30 Jun 2021 08:06:22 GMT
Server: AmazonS3
Age: 9961
ETag: W/"c8bf0e8f0d449bda8ecb0295aa1a699c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: EsWqPHE-vxnWF1SQmn2Lnr1ANYdKOfIh5a_n2lelxEbpj-OsMk3v6g==

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/1068979560/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068979560/?random=1906082447&cv=9&fst=1626359462976&num=1&value=0&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&resp=GooglemKTybQhCsO&eid=25050...
https://www.google.com/pagead/1p-conversion/1068979560/?random=1906082447&cv=9&fst=1626359462976&num=1&value=0&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=16...
https://www.google.de/pagead/1p-conversion/1068979560/?random=1906082447&cv=9&fst=1626359462976&num=1&value=0&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=160...

42 B
64 B

21ms
20ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1068979560/?random=1906082447&cv=9&fst=1626359462976&num=1&value=0&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.postaluniformxpress.com%2F&tiba=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&auid=449208808.1626359463&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=pkbwYK-SPIi-3gO-jKXADQ&eitems=ChAI8Lm_hwYQy9KR4ZnAnfw7Eh0A7wKBKFFG9p_C0E1jVu9T5t5IWXpcFKusp6QGtw&random=2823849892&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 14:31:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Jul 2021 14:31:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1068979560/?random=1906082447&cv=9&fst=1626359462976&num=1&value=0&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.postaluniformxpress.com%2F&tiba=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&auid=449208808.1626359463&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=pkbwYK-SPIi-3gO-jKXADQ&eitems=ChAI8Lm_hwYQy9KR4ZnAnfw7Eh0A7wKBKFFG9p_C0E1jVu9T5t5IWXpcFKusp6QGtw&random=2823849892&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1068979560/ 42 B
113 B 17ms
16ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1068979560/?random=1626359462981&cv=9&fst=1626357600000&num=1&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.postaluniformxpress.com%2F&tiba=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&async=1&fmt=3&is_vtc=1&random=3080688074&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 14:31:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1068979560/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1068979560/?random=1626359462981&cv=9&fst=1626357600000&num=1&label=Pg4ZCPKivgMQ6Krd_QM&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.postaluniformxpress.com%2F&tiba=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&async=1&fmt=3&is_vtc=1&random=3080688074&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.postaluniformxpress.com
URL: https://www.postaluniformxpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 14:31:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wpes6.js Show response
static.scarabresearch.com/wpjs/ 109 KB
35 KB 34ms
33ms Script
application/javascript 13.224.96.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scarabresearch.com/wpjs/wpes6.js?ts=2689
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/118292D0EB0AA77D/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-102.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ebd25aef8dc21dd398cc1f4785554ae5fadf6411a571ad16b45ab1c690260868

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 19:36:18 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 30 Jun 2021 08:06:24 GMT
Server: AmazonS3
Age: 68086
ETag: W/"d778e6dd73246ab713ac5ccff2b35d03"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: Mt26j8wFuIvYmsxGv_y8NBjNpq-J8Y3Pvki4Z5uNt2ng_TQDdFRAMw==

GET
H2 200 campaigns Show response
webchannel-content.eservice.emarsys.net/customer/794640446/ 17 KB
18 KB 46ms
25ms XHR
application/json 34.117.30.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://webchannel-content.eservice.emarsys.net/customer/794640446/campaigns?url=https:%2F%2Fwww.postaluniformxpress.com%2F&prev_url=&lang=en&ca=&uli=false

Requested by

Host: static.scarabresearch.com
URL: https://static.scarabresearch.com/wpjs/wpes6.js?ts=2689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.30.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.30.117.34.bc.googleusercontent.com

Software

Resource Hash

66a1e62ed256bc6918a3ffbaed6f97beab8c04a70226556a70c7924d512fa7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 14:31:03 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: clear
x-frame-options: DENY
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK / Show response
recommender.scarabresearch.com/merchants/144673B55D57FD63/ 213 B
782 B 17ms
16ms XHR
application/json 52.57.60.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommender.scarabresearch.com/merchants/144673B55D57FD63/?pv=939194916&f=f%3AWEBPERSONALIZATION%2Cl%3A50%2Co%3A0%7Cf%3AWP_NONCONTACT%2Cl%3A50%2Co%3A0&cv=1&ca=&cp=1&lang=en&vi=5FF9932667E8A7AD&fields=item%7Cc_campaign_id%7Cc_campaign_priority%7Cc_campaign_rank%7Cc_content_v3&ta=%7B%22name%22%3A%22localtime%22%2C%22attributes%22%3A%7B%22localtime%22%3A1626359463139%7D%7D&url=https%3A%2F%2Fwww.postaluniformxpress.com%2F
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/118292D0EB0AA77D/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.60.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-60-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 75bfe75c6efc7d063cbbda5b04d26e7ca2e7b092e46bd216df6b6858887296f6

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:31:03 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Vary: Accept-Encoding, User-Agent
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.postaluniformxpress.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 213
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

is_alive Show response
recommender.scarabresearch.com/
Redirect Chain

https://recommender.scarabresearch.com/merchants/144673B55D57FD63/?v=i%3AsnqiE9L-an.1%2Ct%3AWEBPERSONALIZATION_LOAD%2Cc%3AAAAA&q=%7B%7D&redirect_to=https%3A%2F%2Frecommender.scarabresearch.com%2Fis...
https://recommender.scarabresearch.com/is_alive

11 B
211 B

15ms
14ms

Script
text/plain

52.57.60.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommender.scarabresearch.com/is_alive
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.60.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-60-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 63167c76418239c60347619af4246e68357d2de441efbb78bd20a77edda8539d

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://console.scarabresearch.com
Date: Thu, 15 Jul 2021 14:31:03 GMT
Connection: keep-alive
Content-Length: 11
Vary: Accept-Encoding, User-Agent

Redirect headers

Location: https://recommender.scarabresearch.com/is_alive
Date: Thu, 15 Jul 2021 14:31:03 GMT
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=38743519&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.postaluniformxpress.com%2F&ul=en-us&de=windows-1252&dt=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Webmessage&ea=loaded&el=snqiE9L-an.1&_u=aHDAAEATAAAAAG~&jid=1901790874&gjid=907219169&cid=987220872.1626359463&tid=UA-1719598-3&_gid=1460406689.1626359463&_r=1&gtm=2wg7e0W5J9BWN&z=1206160371

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 14:31:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.postaluniformxpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=38743519&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.postaluniformxpress.com%2F&ul=en-us&de=windows-1252&dt=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Webmessage&ea=loaded&el=snqiE9L-an.1&_u=aHDAgEATAAAAAE~&jid=&gjid=&cid=987220872.1626359463&tid=UA-1719598-3&_gid=1460406689.1626359463&z=1703888345

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 00:36:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50082
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 2019-06-emarsys-postal2.jpg
link.postaluniformsdirect.com/custloads/794138294/Popups/ 43 KB
43 KB 102ms
31ms Image
image/jpeg 217.175.192.43
EMARSYS-AS Emarsy...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.postaluniformsdirect.com/custloads/794138294/Popups/2019-06-emarsys-postal2.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.175.192.43 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),
Reverse DNS
Software: nginx /
Resource Hash: ecb144b9792cf12a8beb5cf8130e30de11681a93d84499b63f33368d3091a908

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 14:31:03 GMT
last-modified: Tue, 11 Jun 2019 15:26:48 GMT
server: nginx
etag: "5cffc838-ac08"
content-type: image/jpeg
x-hf: suite-haproxy01e
x-fe: suite34-web5
accept-ranges: bytes
content-length: 44040

GET
H/1.1 200
OK md_69872.png
link.postaluniformxpress.com/custloads/794640446/ 15 KB
15 KB 83ms
20ms Image
image/png 217.175.192.43
EMARSYS-AS Emarsy...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.postaluniformxpress.com/custloads/794640446/md_69872.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.175.192.43 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),
Reverse DNS
Software: nginx /
Resource Hash: bdfbcfdb30c22677648d8993a43011b395fa172d95beb2b9ba7c01aeb6fb0bbf

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 14:31:03 GMT
last-modified: Thu, 13 Jun 2019 14:57:24 GMT
server: nginx
etag: "5d026454-3cf7"
content-type: image/png
x-hf: suite-haproxy01b
x-fe: suite34-web3
accept-ranges: bytes
content-length: 15607

GET
H/1.1 200
OK common.js Show response
suite34.emarsys.net// 2 KB
3 KB 80ms
20ms Script
application/javascript 217.175.192.43
EMARSYS-AS Emarsy...

General

Check archive.org

Show headers Download Go to

Full URL

https://suite34.emarsys.net//common.js

Requested by

Host: static.scarabresearch.com
URL: https://static.scarabresearch.com/wpjs/wpes6.js?ts=2689

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.175.192.43 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),

Reverse DNS

Software

Apache /

Resource Hash

71ff591774bdb9f8c3c582e6aacf7b63a42b277631928ee480f0e6c694c54e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 14:31:03 GMT
last-modified: Thu, 15 Jul 2021 07:36:15 GMT
server: Apache
x-af: suite34-web4
etag: "9f0-5c72486a0f9c0"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
x-hf: suite-haproxy01a
accept-ranges: bytes
content-length: 2544

GET
H/1.1

200
OK

is_alive Show response
recommender.scarabresearch.com/
Redirect Chain

https://recommender.scarabresearch.com/merchants/144673B55D57FD63/?v=i%3AsnqiE9L-an.1%2Ct%3AWEBPERSONALIZATION_SHOW%2Cc%3AAAAA&q=%7B%7D&redirect_to=https%3A%2F%2Frecommender.scarabresearch.com%2Fis...
https://recommender.scarabresearch.com/is_alive

11 B
211 B

15ms
14ms

Script
text/plain

52.57.60.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommender.scarabresearch.com/is_alive
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.60.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-60-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 63167c76418239c60347619af4246e68357d2de441efbb78bd20a77edda8539d

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://console.scarabresearch.com
Date: Thu, 15 Jul 2021 14:31:07 GMT
Connection: keep-alive
Content-Length: 11
Vary: Accept-Encoding, User-Agent

Redirect headers

Location: https://recommender.scarabresearch.com/is_alive
Date: Thu, 15 Jul 2021 14:31:07 GMT
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=38743519&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.postaluniformxpress.com%2F&ul=en-us&de=windows-1252&dt=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Webmessage&ea=impression&el=snqiE9L-an.1&_u=aHDAgEATAAAAAG~&jid=&gjid=&cid=987220872.1626359463&tid=UA-1719598-3&_gid=1460406689.1626359463&z=2087236910

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 00:36:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50086
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=38743519&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.postaluniformxpress.com%2F&ul=en-us&de=windows-1252&dt=Postal%20Uniform%20Xpress%3A%20Discount%20Postal%20Uniforms%20for%20USPS%20Employees&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Webmessage&ea=impression&el=snqiE9L-an.1&_u=aHDAAEATAAAAAG~&jid=&gjid=&cid=987220872.1626359463&tid=UA-1719598-3&_gid=1460406689.1626359463&gtm=2wg7e0W5J9BWN&z=207387230

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.postaluniformxpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 00:36:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50086
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.postaluniformxpress.com/	1970-01-19 21:55:35	Name: _gcl_au Value: 1.1.449208808.1626359463
.postaluniformxpress.com/	1970-01-19 19:45:59	Name: _gat Value: 1
.postaluniformxpress.com/	1970-01-19 19:47:25	Name: _gid Value: GA1.2.1460406689.1626359463
.postaluniformxpress.com/	1970-01-20 13:17:11	Name: _ga Value: GA1.2.987220872.1626359463
.postaluniformxpress.com/	1970-01-20 04:31:35	Name: scarab.visitor Value: %225FF9932667E8A7AD%22
www.postaluniformxpress.com/	1969-12-31 23:59:59	Name: xwecp.COM Value: 000000083950872173450350842182

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.scarabresearch.com
googleads.g.doubleclick.net
link.postaluniformsdirect.com
link.postaluniformxpress.com
postaluniformxpress.com
recommender.scarabresearch.com
static.scarabresearch.com
stats.g.doubleclick.net
suite34.emarsys.net
webchannel-content.eservice.emarsys.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.postaluniformxpress.com
13.224.96.102
13.224.96.42
142.250.74.194
217.175.192.43
2606:4700::6811:6324
2606:4700::6811:fb1b
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c09::9d
34.117.30.199
52.57.60.131
13fd20e6ce5803fff55a9fe8b4c4c32031d77309f64b20f41a7d048a32c1f5e4
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
27a412d38c6f8239cb1982f2ad7acb32fcc4b7c80c84b8a1a853af1ee3ee22f7
2929bb97f11258db181f03e0356f9f9b46f6039bb5d6137c913efe29d8a2043b
3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35
505f2d3b54b977bc173416f0a37fb4996475f6b5d9bab41fce454dfd5f855cf7
519ec051f782335b9f8af7c6018325a233ad2fff1e6c9b1259feebf3f477358b
5d48e9c0bc1f681f7c570263bb4bfd3b62035c9cb3e402959f84686e311e3256
63167c76418239c60347619af4246e68357d2de441efbb78bd20a77edda8539d
66a1e62ed256bc6918a3ffbaed6f97beab8c04a70226556a70c7924d512fa7ea
69e735f7b0d54db4af417e967dd4984ad4ae9fdd6de142fa934d1ee1fcb58db9
6ae043cb6eb74ff3adf7b4ab951f64f881b996f2e846baac1b9e471a5b1b3adf
6b1c65741e09bc95d1b00a3fbf601edbcafea3d306000782f0ad9230f05c875d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
711b969dfdd14cddcb572ece97d5688e0a0b19f85940040dd93a1f18daf0b992
71ff591774bdb9f8c3c582e6aacf7b63a42b277631928ee480f0e6c694c54e72
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
75a779884658b025d943adbcab7330b4c4fa276c994ee2db37f35f3575c24804
75bfe75c6efc7d063cbbda5b04d26e7ca2e7b092e46bd216df6b6858887296f6
7a9b9bcd4729786e33b7cbbbb074afbddabc8665a224d65debda708273b1ee25
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84cb31671c592dcf7029d43596c26acc8430b390ae0cb5c82f651279a1630179
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
93d4565b77810c8d91222f8a9965a96f2d372ef1a120439dbb2d204d14133b0d
99064ce4c114c7ce1f391742decc455c7c3bf72801793ffc93b78ac26014dd21
b0a824436c7ab45b564158e8246ed7ca55229a3cc345c41d58c7feb99b4b52da
bdfbcfdb30c22677648d8993a43011b395fa172d95beb2b9ba7c01aeb6fb0bbf
c87d55745ad69fbb246f4163480567b6ed9088d0d33c26e219a8d7e099ac6d4c
dce3f5edbf53b3b981a7baf86aeb3492dcaf018af96ca69297443eebfe6c55be
ebd25aef8dc21dd398cc1f4785554ae5fadf6411a571ad16b45ab1c690260868
ecb144b9792cf12a8beb5cf8130e30de11681a93d84499b63f33368d3091a908
ed59b70e2f4eab78ee6ca790514d929884a1647c5ad1b3936300e74247012c43
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef49577a2cfa778daa5e071935833ba153ef765960a3410c268e6c4b9117da7c

www.postaluniformxpress.com Open in urlscan Pro 2606:4700::6811:6324 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

60 %IPv6

10 Domains

16 Subdomains

14 IPs

4 Countries

553 kBTransfer

1374 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.postaluniformxpress.com Open in urlscan Pro
2606:4700::6811:6324 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

16
Subdomains

14
IPs

4
Countries

553 kB
Transfer

1374 kB
Size

6
Cookies

41 HTTP transactions
0 data transactions