Re: Firefox: Warning: Potential Security Risk Ahead for the USPS.com
Jan 3, 2022, 23:08 by dsr@randomstring.org:
> Alright. Put this into your /etc/hosts temporarily:
>
> 152.195.33.23 www.usps.com tools.usps.com www.usps.gov
>
> That's unlikely to be an optimal IP from their CDN, but it is
> currently working.
>
That fixed it, I got the USPS tracking page to load normally. Still not why it worked as tools.usps.com resolves for me to 152.195.33.23:
# dig tools.usps.com
; <<>> DiG 9.16.22-Debian <<>> tools.usps.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45738
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 77e474050843f63a0100000061d38b021b182f925c475f14 (good)
;; QUESTION SECTION:
;tools.usps.com. IN A
;; ANSWER SECTION:
tools.usps.com. 42 IN CNAME cs1799.wpc.upsiloncdn.net.
cs1799.wpc.upsiloncdn.net. 2078 IN A 152.195.33.23
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jan 03 18:47:14 EST 2022
;; MSG SIZE rcvd: 126
> Oh. Are you using DNS-over-HTTPS?
>
I used to but I have disabled it for now. Even with DNS-over-HTTPS disabled I was getting the certificate error until I put 152.195.33.23 into the /etc/hosts.
Regards,
Reply to: