Report - 39928-canadapost.com/deposit/tang/

Report Overview

Submitted URL
39928-canadapost.com/deposit/tang/
IP
91.202.233.157
ASN
#200593 Prospero Ooo
Submitted
2024-04-18 16:08:36
Access
public
Website Title
Login | Tangerine
Final URL
39928-canadapost.com/deposit/tang/
Tags
tangerine financial phishing
urlquery detections
Phishing - Tangerine

Detections

urlquery
6
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
39928-canadapost.com	unknown	unknown	No data	No data	13 kB	522 kB	91.202.233.157
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-18	449 B	32 kB	151.101.66.137
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	539 B	129 kB	142.250.74.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	440 B	120 kB	142.250.74.106
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-18	512 B	6.5 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	39928-canadapost.com/deposit/tang/	Tangerine Bank

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	39928-canadapost.com/assets/js/actions.js?v=1713456490	778 B	2023-03-09	2024-04-30
Pretty URL 39928-canadapost.com/assets/js/actions.js?v=1713456490 IP 91.202.233.157 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:47:40 Last Seen2024-04-30 07:17:03 Times Seen115 Hash a402964267888cb8341280db40c3e42f e52583b6d5d36b7fd5dc88458ff42bc63affe1eb 411a7dde58e7f50627e413a47dda8ef4d5d11ec89ac4b78b8416a66badf7bd60 Loading...

	39928-canadapost.com/deposit/tang/	67 B	2023-10-13	2024-04-30
Pretty URL 39928-canadapost.com/deposit/tang/ IP 91.202.233.157 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-13 16:22:12 Last Seen2024-04-30 07:17:03 Times Seen36 Hash bd5abb3efb8b83d4dabd25c330eaaa8d bc8981fabbf42b744cbe74084b936bb062609dd6 b1d9fbdfb9a380355ad06856f6fb34f5048c26f3d5b15d85939e6d690608e579 Loading...

	39928-canadapost.com/deposit/tang/	3.7 kB	2023-10-13	2024-04-27
Pretty URL 39928-canadapost.com/deposit/tang/ IP 91.202.233.157 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-13 16:51:56 Last Seen2024-04-27 18:10:10 Times Seen15 Hash 7ec93f97e89a3808625ac7df6c7a64b9 7ecc8aee9c9e13e8ec305b09929a0837ad461e2a 2ccfee5fa0a87de1e771c442ec7dedba46a0ac83d7f33e6e394f65cca69f604e Loading...

	unknown	16 B	2023-04-10	2024-05-01
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57:29 Last Seen2024-05-01 16:07:06 Times Seen34038 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-05-01
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-01 16:34:31 Times Seen264312 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	39928-canadapost.com/deposit/tang/	2.1 kB	2023-03-26	2024-04-27
Pretty URL 39928-canadapost.com/deposit/tang/ IP 91.202.233.157 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 14:11:44 Last Seen2024-04-27 18:10:10 Times Seen18 Hash 309fc308e7f15657ab8d23778e96cec3 fb435918ae671acb1a7d0640048889608ea1bca7 a7fc986f48129b88228605a72b14415b79b1a7088be0178ce8d01b6dc5f4a389 Loading...

HTTP Transactions (28)

URL IP Response Size

39928-canadapost.com/deposit/tang/

91.202.233.157

200 OK

8.0 kB

URL User Request GET HTTP/1.1
39928-canadapost.com/deposit/tang/
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (517), with CRLF line terminators
Size
8.0 kB (8044 bytes)
Hash
960711cf92377329c26ce5853e3bf462
081bf071c02da69970fca93c0c42aa36cd39f0fa
d95fb31d1c78c041877cdc95fa8b412be9993a25074f09fbec1c3e6d78d34468

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tangerine Bank

HTTP Headers

GET /deposit/tang/ HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:10 GMT
Server: Apache/2.4.59 (Ubuntu)
Set-Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8044
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

39928-canadapost.com/assets/tang/css/vendor.css

91.202.233.157

200 OK

2.1 kB

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/css/vendor.css
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with very long lines (8517), with no line terminators
Size
2.1 kB (2054 bytes)
Hash
20eb6d1dd39593be27959cbf86559b91
01d577444d5e88cef7cd1285751fa4caf98b2b7d
bc128faf58e994f35c97843fef26e145f1fbd0de8f1ea8d805519741b56bf06b

HTTP Headers

GET /assets/tang/css/vendor.css HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:10 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Wed, 04 Aug 2021 01:19:16 GMT
ETag: "2145-5c8b19741ed00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2054
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

code.jquery.com/jquery-3.6.0.min.js

151.101.66.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://39928-canadapost.com
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 16:08:10 GMT
age: 5914110
x-served-by: cache-lga21931-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 22, 761634
x-timer: S1713456491.991953,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

39928-canadapost.com/assets/js/actions.js?v=1713456490

91.202.233.157

200 OK

318 B

URL GET HTTP/1.1
39928-canadapost.com/assets/js/actions.js?v=1713456490
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
318 B (318 bytes)
Hash
a402964267888cb8341280db40c3e42f
e52583b6d5d36b7fd5dc88458ff42bc63affe1eb
411a7dde58e7f50627e413a47dda8ef4d5d11ec89ac4b78b8416a66badf7bd60

HTTP Headers

GET /assets/js/actions.js?v=1713456490 HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Wed, 27 Apr 2022 18:39:38 GMT
ETag: "30a-5dda721afce80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 318
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

39928-canadapost.com/assets/tang/login.css

91.202.233.157

200 OK

18 kB

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/login.css
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with very long lines (30207), with CRLF line terminators
Size
18 kB (17505 bytes)
Hash
e2e261bd01934f1454db96f50e92221e
ebf26a57a361a4e9d1019cc3b2505bf787b25c23
17cc5a185387b14754ac2a16f4550760696abff3bbe7267e1b0788dfa162d570

HTTP Headers

GET /assets/tang/login.css HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Wed, 11 May 2022 05:22:30 GMT
ETag: "28a75-5deb5a0b1b180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17505
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

39928-canadapost.com/assets/tang/css/global.css

91.202.233.157

200 OK

34 kB

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/css/global.css
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with very long lines (37903)
Size
34 kB (33547 bytes)
Hash
b374e60db922ec4da2bf2752140f0ea8
65d491566edc11ce4bf2cbcbaf8905281e40aa12
ffbb5c5da4b76b6df707ef62156e5c70cf78db2f40c0049d87538e2b152b6735

HTTP Headers

GET /assets/tang/css/global.css HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Wed, 04 Aug 2021 01:25:16 GMT
ETag: "37b3e-5c8b1acb71700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33547
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

39928-canadapost.com/assets/tang/fonts/icomoon.ttf

91.202.233.157

200 OK

122 kB

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/fonts/icomoon.ttf
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon
Size
122 kB (122004 bytes)
Hash
36c9e68b7f9230d69a0ef10a5e979063
9d798a07c50d378a1d7f3e22a843772d5c98d46d
aedb9f7b494d182050df14a76ad3c13172f934031499c16e4c741f2a994a1c16

HTTP Headers

GET /assets/tang/fonts/icomoon.ttf HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://39928-canadapost.com/deposit/tang/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:10 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Wed, 04 Aug 2021 01:24:50 GMT
ETag: "1dc94-5c8b1ab2a5c80"
Accept-Ranges: bytes
Content-Length: 122004
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/ttf

39928-canadapost.com/assets/tang/css/app.css

91.202.233.157

200 OK

31 kB

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/css/app.css
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30942 bytes)
Hash
b23bb64060851dda267494b92ef852d2
9327bc4fd612d66124ca58a82c77ff618d5c7c6f
9c2223316e20edb06d750c9e8e94c760033bec8d6f552f6fe8785b6e2d35890a

HTTP Headers

GET /assets/tang/css/app.css HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Wed, 04 Aug 2021 01:19:12 GMT
ETag: "34987-5c8b19704e400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30942
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

39928-canadapost.com/assets/tang/files/brand-orange.png

91.202.233.157

200 OK

2.5 kB

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/files/brand-orange.png
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
PNG image data, 285 x 60, 8-bit colormap, non-interlaced
Size
2.5 kB (2462 bytes)
Hash
053dbee1f4d121e48d608ce4a693c96a
d1cd7dd196c414218a88e1d9f67ebdad380d40af
b0c0092ef63e49ce2ca0c56290809c62cbd0f6c6fbf8fc5824fc183f5b49a3b8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tangerine

HTTP Headers

GET /assets/tang/files/brand-orange.png HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Sun, 23 May 2021 03:20:34 GMT
ETag: "99e-5c2f6c6a50480"
Accept-Ranges: bytes
Content-Length: 2462
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

39928-canadapost.com/assets/tang/fonts/icon_DownArrow-white.svg

91.202.233.157

200 OK

813 B

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/fonts/icon_DownArrow-white.svg
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
SVG Scalable Vector Graphics image
Size
813 B (813 bytes)
Hash
42527c36d73f9abeed98cb3b76207871
1ef8142d1110e27fef7ca6e6abb132e2efbd9c85
c0faef666af1a9e984c6d7ab4823de034ca9dacc8c1f9f637af91cf8c9e49346

HTTP Headers

GET /assets/tang/fonts/icon_DownArrow-white.svg HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Wed, 04 Aug 2021 01:24:50 GMT
ETag: "32d-5c8b1ab2a5c80"
Accept-Ranges: bytes
Content-Length: 813
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

39928-canadapost.com/assets/tang/img/tangerine-logo-white.svg

91.202.233.157

200 OK

3.0 kB

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/img/tangerine-logo-white.svg
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
SVG Scalable Vector Graphics image
Size
3.0 kB (2993 bytes)
Hash
ccc7fd61b5c4583c87841ba4df98f82a
eb1a0032bc2cf1f1c521933a06e0e31b66d0d3a6
0dc7a682c15073da65e89ead9adb16b5877e3b78b09a81c2e4d36e7b7c3322a5

HTTP Headers

GET /assets/tang/img/tangerine-logo-white.svg HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Wed, 04 Aug 2021 01:19:08 GMT
ETag: "bb1-5c8b196c7db00"
Accept-Ranges: bytes
Content-Length: 2993
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

39928-canadapost.com/assets/tang/files/brand-white.png

91.202.233.157

200 OK

2.5 kB

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/files/brand-white.png
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
PNG image data, 286 x 60, 8-bit colormap, non-interlaced
Size
2.5 kB (2458 bytes)
Hash
58e453f1d556b41410934f2d7cc80acb
ae966764337c07568f94cee1395bc41c9a8dbc75
a900806f01bb127b471228bf4598a6c907fd1b26eae4f2c7c95cefd3adb5f9ec

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tangerine

HTTP Headers

GET /assets/tang/files/brand-white.png HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Sun, 23 May 2021 03:20:32 GMT
ETag: "99a-5c2f6c6868000"
Accept-Ranges: bytes
Content-Length: 2458
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

39928-canadapost.com/assets/tang/loading.gif

91.202.233.157

200 OK

166 kB

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/loading.gif
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
GIF image data, version 89a, 498 x 498
Size
166 kB (166466 bytes)
Hash
a742721ea2075bc3956a2ff62c9bfeef
bb72fc6b492cfd37d36a2dca0730c1ccf2e97e06
e07efed33aec4356ba72efae1eea9fbe1e922bd270ddbd0dd1a028b5a6db4140

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tangerine

HTTP Headers

GET /assets/tang/loading.gif HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Thu, 14 Apr 2022 15:27:46 GMT
ETag: "28a42-5dc9eef94c080"
Accept-Ranges: bytes
Content-Length: 166466
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif

39928-canadapost.com/assets/tang/fonts/lineto-tangerinecircular-book.woff

91.202.233.157

200 OK

73 kB

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/fonts/lineto-tangerinecircular-book.woff
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
Web Open Font Format, TrueType, length 72908, version 1.0
Size
73 kB (72908 bytes)
Hash
5d7d60d0d87efe5a78cbe2b1ba33fa06
55302db2674acb472b3f0439618776ee4eea461e
3688e5f681d5e0297cac40f65b60c46520aa09b5bb42c7967a365959c6d5ed15

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tangerine

HTTP Headers

GET /assets/tang/fonts/lineto-tangerinecircular-book.woff HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/assets/tang/css/global.css
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Wed, 04 Aug 2021 01:24:52 GMT
ETag: "11ccc-5c8b1ab48e100"
Accept-Ranges: bytes
Content-Length: 72908
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff

39928-canadapost.com/assets/tang/fonts/TangerineCircular-Bold.woff

91.202.233.157

200 OK

52 kB

URL GET HTTP/1.1
39928-canadapost.com/assets/tang/fonts/TangerineCircular-Bold.woff
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
Web Open Font Format, CFF, length 51548, version 1.1
Size
52 kB (51548 bytes)
Hash
fc86ef83d3f5d35d38470e8feb1b5ef4
c9a9750343d78c286660b86259b2199aca59ac8d
8271a4cfff05a122a3d97c209b8c37e375814caebecac5d5566e10e139a52eb7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tangerine

HTTP Headers

GET /assets/tang/fonts/TangerineCircular-Bold.woff HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/assets/tang/css/global.css
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Last-Modified: Wed, 04 Aug 2021 01:24:54 GMT
ETag: "c95c-5c8b1ab676580"
Accept-Ranges: bytes
Content-Length: 51548
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff

fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

142.250.74.131

200 OK

128 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://39928-canadapost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:27:45 GMT
expires: Tue, 15 Apr 2025 21:27:45 GMT
cache-control: public, max-age=31536000
age: 240026
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

39928-canadapost.com/deposit/tang/favicon.ico

91.202.233.157

404 Not Found

31 B

URL GET HTTP/1.1
39928-canadapost.com/deposit/tang/favicon.ico
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with CRLF line terminators
Size
31 B (31 bytes)
Hash
dc1a4596e4bc27c4de6598ba3e6a1f10
a7bd958197902620fb8046d97c150ffba596d020
f7712d669184cbf9da44b15ceacfdc3c4bbcfc683d0b7a248d823636f57748e8

HTTP Headers

GET /deposit/tang/favicon.ico HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Thu, 18 Apr 2024 16:08:11 GMT
Server: Apache/2.4.59 (Ubuntu)
Content-Length: 31
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

fonts.googleapis.com/css2?family=Material+Icons

142.250.74.106

200 OK

119 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
119 kB (119059 bytes)
Hash
a230afd6f82fdaafa1d634c222a9c812
3e7e0bb83b50d92d75b5f0edff7d115323c9501c
f7e20fa5c5ad334f4242a03a9da8888d8de2865603b0f5829474304240606ad3

HTTP Headers

GET /css2?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 16:08:11 GMT
date: Thu, 18 Apr 2024 16:08:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

39928-canadapost.com/apis/lr/action

91.202.233.157

200 OK

4 B

URL POST HTTP/1.1
39928-canadapost.com/apis/lr/action
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

HTTP Headers

POST /apis/lr/action HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 19
Origin: https://39928-canadapost.com
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:12 GMT
Server: Apache/2.4.59 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 4
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

39928-canadapost.com/apis/lr/active

91.202.233.157

200 OK

4 B

URL POST HTTP/1.1
39928-canadapost.com/apis/lr/active
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

HTTP Headers

POST /apis/lr/active HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://39928-canadapost.com
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:16 GMT
Server: Apache/2.4.59 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 4
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

39928-canadapost.com/apis/lr/action

91.202.233.157

200 OK

4 B

URL POST HTTP/1.1
39928-canadapost.com/apis/lr/action
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

HTTP Headers

POST /apis/lr/action HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 19
Origin: https://39928-canadapost.com
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:17 GMT
Server: Apache/2.4.59 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 4
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

39928-canadapost.com/apis/lr/active

91.202.233.157

200 OK

4 B

URL POST HTTP/1.1
39928-canadapost.com/apis/lr/active
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

HTTP Headers

POST /apis/lr/active HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://39928-canadapost.com
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:21 GMT
Server: Apache/2.4.59 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 4
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

39928-canadapost.com/apis/lr/action

91.202.233.157

200 OK

4 B

URL POST HTTP/1.1
39928-canadapost.com/apis/lr/action
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

HTTP Headers

POST /apis/lr/action HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 19
Origin: https://39928-canadapost.com
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:22 GMT
Server: Apache/2.4.59 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 4
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

39928-canadapost.com/apis/lr/active

91.202.233.157

200 OK

4 B

URL POST HTTP/1.1
39928-canadapost.com/apis/lr/active
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

HTTP Headers

POST /apis/lr/active HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://39928-canadapost.com
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:26 GMT
Server: Apache/2.4.59 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 4
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

39928-canadapost.com/apis/lr/action

91.202.233.157

200 OK

4 B

URL POST HTTP/1.1
39928-canadapost.com/apis/lr/action
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

HTTP Headers

POST /apis/lr/action HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 19
Origin: https://39928-canadapost.com
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:27 GMT
Server: Apache/2.4.59 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 4
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

5.8 kB

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
gzip compressed data, max speed, from Unix
Size
5.8 kB (5759 bytes)
Hash
52a1e40d3746c76b0167007994950370
6c5838f16f22c0778bc428242b26ca65bf64683c
5ca94e7f36b9452fe67eeaf4a9898c2003278f9f9151c572b2cc6178afff781a

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 16:08:29 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=Asa5wwRdirdBbxIQKeQK3hryPD1C57V4aRh6s7GWPE362LmDfYpykoasTYA-j7ITe1F81UuFfzHYP8_pHbxhiJiIhD3m83FOCLk5F_PD3w6GDlZjcI91Pt169mZwY6XW
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

39928-canadapost.com/apis/lr/active

91.202.233.157

200 OK

4 B

URL POST HTTP/1.1
39928-canadapost.com/apis/lr/active
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

HTTP Headers

POST /apis/lr/active HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://39928-canadapost.com
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:31 GMT
Server: Apache/2.4.59 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 4
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

39928-canadapost.com/apis/lr/action

91.202.233.157

200 OK

4 B

URL POST HTTP/1.1
39928-canadapost.com/apis/lr/action
IP
91.202.233.157:443
ASN
#200593 Prospero Ooo

Requested by
https://39928-canadapost.com/deposit/tang/
Certificate
IssuerLet's Encrypt
Subject39928-canadapost.com
Fingerprint3D:83:57:1C:FC:03:D7:4E:99:24:3B:BA:8B:EF:C5:3B:13:3F:0B:15
ValiditySat, 24 Feb 2024 15:05:29 GMT - Fri, 24 May 2024 15:05:28 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

HTTP Headers

POST /apis/lr/action HTTP/1.1
Host: 39928-canadapost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 19
Origin: https://39928-canadapost.com
DNT: 1
Connection: keep-alive
Referer: https://39928-canadapost.com/deposit/tang/
Cookie: PHPSESSID=lau536185d0l0mel69m68f87rp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 16:08:33 GMT
Server: Apache/2.4.59 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 4
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (28)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate