government public service

news media journalism

English

_abck

bm_sv

JSESSIONID

bm_sz

ak_bmsc

NSC_QHX_fbhononlq090_mc

TLTSID

NSC_hbufxbz-cf_mc

The domain name 'gateway.usps.com' uses the commercial generic top-level domain (.com) and includes subdomain 'gateway'. Count 4 characters in 'usps' holding one vowel versus 3 consonants. Tokenizing the label suggests 1 word: usps. Average segment length settles at four characters. No strong language cues emerged from the frequency lists.

securityId

login

register

_sourcePage

__fp

OWASP_CSRFTOKEN

html/86/f3/86f3bff8-da38-4cda-84aa-d55289cd300d.html.gz

default-src 'self' https:;                                                 connect-src 'self' https:;                                                 font-src 'self' https: data:;                                                 frame-src 'self' https:;                                                 img-src 'self' https: data:; media-src 'self' https:;                                                 object-src 'self' https:;                                                 script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;                                                 style-src 'self' 'unsafe-inline' https:;

require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

71bc1fea800b6f5d83f72c6a8066b0065117cd23e8fc69d451052246915496ff

20b9d167026beb543df4072a83855588ee4a296618c53b496da699b95ab3126e

412b3c1a39c05fcb9b3fff445ad17b2249423788ae13be98350eb21b2b3063c1

3708c4669061dae9b8e7ade59a8548f74cee13010c43d476155d915644c35009

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

1570d92e1684a067e7ffaef2f413feeaeffde37291243a436d60032f1733ef4c

72f10b81a301beccaf481474701ae917a7ba60b93d0e4825a26bce6929ce5a27

41d7f2f555a81e83b22768a96c0c465893c928c7ecf8543ea1cfc542fff43570

XSS in the `altField` option of the Datepicker widget

XSS in the `of` option of the `.position()` util

XSS Vulnerability on text options of jQuery UI datepicker

XSS when refreshing a checkboxradio with an HTML-like initial text label 

parseHTML() executes scripts in event handlers

jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution

passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code.

Regex in its jQuery.htmlPrefilter sometimes may introduce XSS

ecf3d21fe1ad6574d7e78412d493cf8aa45c8d070b9c95188fd3de9ffea7a991

c89e3bf8884592e7eb82f49efe4b3ab71c591d64c4a5f60c62e6c82685ace5d0

postal, postage, shipping, packages, mail, mailing, ship, stamps, 
business, professional, tracking, USPS,portal, Package Intercept, FAST, Mailing Appointment, SBP, 
Scan Based Payment, Product Performance, PRS, Parcel Return Service, Online Enrollment, MMA, 
Managed Mailing Activity, Mailer ID, MID, MTEOR, Mail Transport Equipment Ordering, IMSB, 
Intelligent Mail Small Business,  EDDM, Every Door Direct Mail, ePubwatch, eVS, 
Electronic Verification Service, Incentive Programs,  CSAs, CLDS, Labels, customer label, CAPS, 
Centralized Account Processing Systems, BSN, Business Service Network, Business Reply Mail, 
Automated Business Reply Mail, ADVANCE

keywords

The USPS Business Customer Gateway provides access to the entire 
suite of tools and services offered to the United States Postal Service's business customers of all sizes and types.

description

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

html/86/f3/86f3bff8-da38-4cda-84aa-d55289cd300d_nodriver.html.gz

USPS Business Customer Gateway

Network Solutions, LLC

USPS.COM


	(function(w, d, s, l, i) {
		w[l] = w[l] || [];
		w[l].push({
			'gtm.start' : new Date().getTime(),
			event : 'gtm.js'
		});
		var f = d.getElementsByTagName(s)[0], j = d.createElement(s), dl = l != 'dataLayer'
				? '&l=' + l
				: '';
		j.async = true;
		j.src = 'https://www.googletagmanager.com/gtm.js?id=' + i + dl;
		f.parentNode.insertBefore(j, f);
	})(window, document, 'script', 'dataLayer', 'GTM-MVCC8H');


Requests	IP Address	Location	AS Autonomous System
13	2.23.244.111	Frankfurt am Main, Hesse, Germany	AS16625Akamai Technologies, Inc.
12	172.217.16.168	United States	AS15169Google LLC
12	172.217.20.138	United States	AS15169Google LLC
37	3	-	-

Security Scan Report: gateway.usps.com

Summary

AI Security Verdict

Safe Website

Safety Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies6

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History