[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firefox: Warning: Potential Security Risk Ahead for the USPS.com

Jan 3, 2022, 23:08 by dsr@randomstring.org:

> Alright. Put this into your /etc/hosts temporarily:
>
> 152.195.33.23  www.usps.com tools.usps.com www.usps.gov
>
> That's unlikely to be an optimal IP from their CDN, but it is
> currently working.
>

That fixed it, I got the USPS tracking page to load normally. Still not why it worked as tools.usps.com resolves for me to 152.195.33.23:

# dig tools.usps.com

; <<>> DiG 9.16.22-Debian <<>> tools.usps.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45738
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 77e474050843f63a0100000061d38b021b182f925c475f14 (good)
;; QUESTION SECTION:
;tools.usps.com.                        IN      A

;; ANSWER SECTION:
tools.usps.com.         42      IN      CNAME   cs1799.wpc.upsiloncdn.net.
cs1799.wpc.upsiloncdn.net. 2078 IN      A       152.195.33.23

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jan 03 18:47:14 EST 2022
;; MSG SIZE  rcvd: 126




> Oh. Are you using DNS-over-HTTPS? 
>

I used to but I have disabled it for now. Even with DNS-over-HTTPS disabled I was getting the certificate error until I put 152.195.33.23 into the /etc/hosts.


Regards,
Reply to: